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About This Guide 


This guide describes how to access and use Novell Remote Manager on a host that is running Novell 
Open Enterprise Server (OES) 11 SP3 on the SUSE Linux Enterprise Server (SLES) 11 Service Pack 
4 (SP4) operating system. This guide includes the following information: 

¢ Chapter 1, “Overview of Novell Remote Manager for Linux,” on page 11 

¢ Chapter 2, “What's New or Changed in Novell Remote Manager,” on page 15 

¢ Chapter 3, “Migrating Novell Remote Manager from NetWare to OES 11,” on page 21 

¢ Chapter 4, “Managing a Virtualized Linux Server with Novell Remote Manager,” on page 23 

+ Chapter 5, “Installing Novell Remote Manager for Linux,” on page 25 

+ Chapter 6, “Accessing Novell Remote Manager for Linux,” on page 27 

¢ Chapter 7, “Changing the HTTPSTKD Configuration,” on page 37 

+ Chapter 8, “Diagnosing Problems Using Ganglia and Nagios (OES 11 SP3),” on page 45 

¢ Chapter 9, “Viewing File Systems,” on page 69 

¢ Chapter 10, “Managing Linux,” on page 77 

¢ Chapter 11, “Managing Hardware,” on page 87 

¢ Chapter 12, “Using Group Operations,” on page 93 

+ Chapter 13, “Managing NCP Services,” on page 105 

+ Chapter 14, “Managing Dynamic Storage Technology Options,” on page 133 

¢ Chapter 15, “Managing CIFS Services,” on page 137 

+ Chapter 16, “Managing AFP Services,” on page 141 

¢ Chapter 17, “Tasks Quick Reference,” on page 145 

¢ Chapter 18, “Troubleshooting Novell Remote Manager,” on page 149 

¢ Chapter 19, “Security Considerations,” on page 153 

+ Appendix A, “HTTPSTKD Configuration File Options,” on page 159 

+ Appendix B, “Novell Remote Manager Packages,” on page 171 

+ Appendix C, “Documentation Updates,” on page 173 


Audience 


This guide is intended for network administrators. 


Feedback 


We want to hear your comments and suggestions about this manual and the other documentation 
included with this product. Please use the User Comments feature at the bottom of each page of the 
online documentation, or go to Novell Documentation Feedback (http://www.novell.com/ 
documentation/feedback.html) and enter your comments there. 
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Documentation Updates 


For the most recent version of the Novell Remote Manager Administration Guide, visit the OES 11 
SP3 documentation website (http:/Awww.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/ 
front.html). 


Additional Documentation 


For information about other OES 11 SP3 services and file systems, see the OES 11 SP3 
documentation website (http:/Awww.novell.com/documentation/oes11/). 
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1.1 


Overview of Novell Remote Manager for 
Linux 


Novell Remote Manager for Linux is a browser-based utility that you can use to manage one or more 
Linux servers from a remote location. 


You can use Novell Remote Manager to monitor your server's health, change the configuration of 
your server, or perform diagnostic and debugging tasks. 


The advantages of using Novell Remote Manager for server management are that: 


¢ It does not require a special client. 


¢ It provides a graphical interface that makes interpreting diagnostic information much more 
comprehensive and easier to manage. 


¢ It provides added functionality that is not available in the other management utilities. 
This section explains the following: 


¢ Section 1.1, “Benefits of Using Novell Remote Manager,” on page 11 
¢ Section 1.2, “Other Management Utilities,” on page 12 
¢ Section 1.3, “What's Next,” on page 12 


Benefits of Using Novell Remote Manager 


Organizations usually don’t have a technician physically located at the server when it needs attention. 
Servers are frequently placed in remote or distributed locations and, in the case of service providers, 
at many different companies. The ability to centrally monitor, diagnose, and repair (or preventively 
avoid) server problems is a significant advantage. It is also a major benefit to be able to provide 
technical service from any location—any point in the world—across the Internet. 


Novell Remote Manager provides IT staff and service providers the ability to monitor and control a 
complete selection of server controls and functions through a standard web browser. 


The management power and flexibility now available simplifies network administration and allows 
fewer staff to effectively manage more resources. Novell Remote Manager lets you do the following: 


¢ Securely access and manage a Linux server from any location. With proper login credentials and 
Internet access, administrators can control servers from any location. 


+ Group servers for collective management, allowing you to manage multiple servers through the 
same interface and application. 


+ Quickly locate and assess problems. An intuitive graphical user interface provides a control 
dashboard with indicators for server health and status. 


+ Manage servers comprehensively. Novell Remote Manager provides control for viewing or 
managing Linux servers, directories, processes, and hardware. 
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While using Novell Remote Manager, you can perform the following major tasks: 


+ Monitor and manage your server’s health 
¢ Monitor the health status of one or more servers 
+ Build a group of servers and items to be monitored together 
+ Access server and configuration logs 
¢ Configure your server 
¢ View information about all hardware adapters, hardware resources, and processor data 
+ Upload and replace files 
+ Monitor memory resources 
+ Access files 
¢ Shut down or reset a server 
¢ Troubleshoot server problems 
+ Find high memory users 


+ Monitor server processes 


1.2 Other Management Utilities 


Novell Remote Manager does not replace other management utilities that are available in OES 11. 
For an understanding of which utilities are best for the task you need to perform, see “OES Utilities 
and Tools” in the OES 11 SP3: Planning and Implementation Guide. 


1.3 What's Next 


Now that you have learned some of the benefits of using Novell Remote Manager, use the 
information in Table 1-1 and Table 1-2 to help you access and use it. 


Table 1-1 Information about Novell Remote Manager 


For Information About See 


Accessing and understanding the layout of Novell Chapter 6, “Accessing Novell Remote Manager for Linux,” 
Remote Manager on page 27 


Determining whether Novell Remote Manager for Chapter 3, “Migrating Novell Remote Manager from 
Linux is compatible with other operating systems NetWare to OES 11,” on page 21 
and how it fits in your current network 


Managing a virtualized OES 11 server with Novell Chapter 4, “Managing a Virtualized Linux Server with 


Remote Manager. Novell Remote Manager,” on page 23 

Installing Novell Remote Manager for Linux Chapter 5, “Installing Novell Remote Manager for Linux,” 
on page 25 

Changing the configuration of Novell Remote Chapter 7, “Changing the HTTPSTKD Configuration,” on 

Manager page 37 
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For Information About 


Using Novell Remote Manager to monitor and 
manage your OES servers 


See 


+ Chapter 8, “Diagnosing Problems Using Ganglia and 
Nagios (OES 11 SP3),” on page 45 


+ Chapter 9, “Viewing File Systems,” on page 69 


+ Chapter 10, “Managing Linux,” on page 77 


+ Chapter 11, “Managing Hardware,” on page 87 


+ Chapter 12, “Using Group Operations,” on page 93 


Things to consider for setting up your system ina 
secure environment. 


Chapter 19, “Security Considerations,” on page 153 


Table 1-2 Information about Plug-Ins to Novell Remote Manager 


For Information About 


Dynamic Storage Technology 


See 


+ 


Chapter 13, “Managing NCP Services,” on 
page 105 


OES 11 SP3: Dynamic Storage Technology 
Administration Guide 


NCP Server 


Chapter 13, “Managing NCP Services,” on 
page 105 


OES 11 SP3: NCP Server for Linux 
Administration Guide 


Novell AFP (in OES 11 SP2 and later) 


Novell CIFS (in OES 11 SP2 and later) 


Chapter 16, “Managing AFP Services,” on 
page 141 


OES 11 SP3: Novell AFP for Linux Administration 
Guide 

Chapter 15, “Managing CIFS Services,” on 

page 137 


OES 11 SP3: Novell CIFS for Linux 
Administration Guide 
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2.1 


2.2 


What’s New or Changed in Novell 
Remote Manager 


This section describes the changes made to Novell Remote Manager since the Novell Open 
Enterprise Server (OES) 11 release. 

¢ Section 2.1, “What’s New (OES 11 SP3),” on page 15 

¢ Section 2.2, “What’s New (OES 11 SP2),” on page 15 

¢ Section 2.3, “What’s New (OES 11 SP1),” on page 17 

¢ Section 2.4, “What’s New (OES 11),” on page 17 


What’s New (OES 11 SP3) 


Besides bug fixes, there are no other changes for this component. 


What’s New (OES 11 SP2) 


Novell Remote Manager provides the following enhancements and changes in OES 11 SP2: 


Managing AFP Services 


The AFP plug-in for Novell Remote Manager allows you to manage AFP connections and open files 
for Novell AFP users. For an overview of the AFP plug-in, see “Managing AFP Services” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/nrm_afp.html) in the OES 11 SP2: 
Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_|x/data/front.html). 


Managing CIFS Services 


The CIFS plug-in for Novell Remote Manager allows you to manage CIFS connections and open files 
for Novell CIFS users. For an overview of the CIFS plug-in, see “Managing CIFS Services” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/nrm_cifs.html) in the OES 11 SP2: 
Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_|x/data/front.html). 


Ganglia and Nagios Health Monitoring Tools 


Ganglia and Nagios open source health monitoring tools replace the Health Monitor function in Novell 
Remote Manager in OES 11 SP2. Unlike the Health Monitor, Ganglia and Nagios tools do not use 
SFCB for management communications. See “Diagnosing Problems Using Ganglia and Nagios (OES 
11 SP2)” (http:/Avww.novell.com/documentation/oes11/mgmt_remotemgr_|x/data/ 
health_ganglia_nagios.html) in the OES 11 SP2: Novell Remote Manager Administration Guide 
(http://www.novell.com/documentation/oes11/mgmt_remotemgr_|x/data/front.html). 
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Ganglia and Nagios Monitoring Tools Obsolete the NRM Health Monitor 


The Health Monitor function in Novell Remote Manager is obsoleted in OES 11 SP2. It is replaced by 
the Ganglia and Nagios open source monitoring tools, which do not use the Small Footprint CIM 
Broker (SFCB) for communications. For information about configuring and using Ganglia and Nagios 
to monitor the health of the server and services, see “Diagnosing Problems Using Ganglia and 
Nagios” (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/ 
health_ganglia_nagios.html) in the OES 11 SP2: Novell Remote Manager Administration Guide 
(http://www.novell.com/documentation/oes11/mgmt_remotemgr_|x/data/front.html). 


For information about using the Health Monitor in OES 11 SP1 and earlier releases, see “Diagnosing 
Problems Using Health Monitor (OES 11 SP1)” (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/health_monitor_oes11sp1.html) in the OES 11 SP2: Novell Remote 
Manager Administration Guide (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/ 
data/front.html). 


Nagios Alert Notification Obsoletes HTTPSTKD Email Notification 


The Novell Remote Manager email notification system is obsoleted in OES 11 SP2. For health 
monitoring, it is replaced by the Nagios alert notification system, which is used to send alerts from the 
Ganglia and Nagios health monitoring tools. 


After you install or upgrade to OES 11 SP2, the Novell Remote Manager email notification system is 
not available. The commands mailserver and mailto are not found in the HTTPSTKD configuration 
file (/etc/opt /novell/httpstkd. conf) for a new install, and they are no longer supported after an 
upgrade. 


Other functions or plug-ins that leveraged the HTTPSTKD email notification commands do not work 
with the Nagios alert notification system. Thus, they do not work in OES 11 SP2. For example, the 
NCP Server plug-in Manage NCP Services, the Send option in the Email Report column no longer 
works on the NCP Inventory Reports page and the NCP Trustee Reports page. This issue will be 
addressed in a future release. 


In order to receive health monitoring alerts from Ganglia and Nagios, you must configure Nagios and 
its alert notification system. You must set up an email address for the nagiosadmin user. You can 
define other Nagios contacts. You can set up various notification methods for each Nagios contact, 
and assign the contacts to receive notifications for designated monitored services. For more 
information, see “Configuring Nagios” (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/nagios-config.html) and “Configuring Nagios Notification System for 
Contacts” (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/ 
nagios_notifications.html) in the OES 11 SP2: Novell Remote Manager Administration Guide (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/front.html). 


Support for Internet Explorer 10 


Web-based access to Novell Remote Manager is supported for the Internet Explorer 10 web browser 
in the desktop user interface view for Windows 7 clients and Windows 8 clients. 


Availability for prior releases: January 2013 Scheduled Maintenance for OES 11 and OES 11 SP1 


Support for Safari 6.0 on Mac OS X 10.8 


Web-based access to Novell Remote Manager is supported for the Apple Safari 6.0 web browser on 
Mac OS X 10.8 clients. 


Availability for prior releases: January 2013 Scheduled Maintenance for OES 11 and OES 11 SP1 
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2.3 


2.4 


What’s New (OES 11 SP1) 


Novell Remote Manager supports OES 11 SP1 running on 64-bit SUSE Linux Enterprise Server 
(SLES) 11 SP2. In addition to bug fixes, the following enhancement is available: 


NCP Server Plug-In: NCP Trustee Report 


Under Manage NCP Services, the new View Trustee Reports option opens the NCP Trustee Reports 
page where you can generate a trustee report for a specified NSS volume. You can display the last 
trustee report in the web browser, or send the report to the email addresses that you have 
preconfigured for Novell Remote Manager. The trustee report shows the rights settings by folder for 
each user or group that is a trustee on the NSS volume. For information, see “Generating and 
Viewing NCP Trustee Reports for NSS Volumes” (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/trustee_reports.html) in the OES 11 SP1: Novell Remote Manager 
Administration Guide (http:/Awww.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/ 
front.html). 


What’s New (OES 11) 


Novell Remote Manager has been modified to run on Novell Open Enterprise Server 11. In addition to 
bug fixes, the following changes and enhancements are available: 


HttpOnly Command 


The HttpOnly configuration option is available in the Novell Remote Manager /etc/opt /novell/ 
httpstkd.conf file. By default, Novell Remote Manager sets an HttpOnly cookie attribute that 
specifies that the cookie is not accessible through a script. This helps mitigate the risk of cross-site 
scripting. For information, see “HttpOnly Command” (http:/Avww.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/httponly.html) in the OES 11: Novell Remote Manager Administration 
Guide (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/front.html). 


InventoryResolveNonLumOwnerName Command 


The InventoryResolveNonLumOwnerName configuration option is available in the Novell Remote 
Manager /etc/opt/novell/httpstkd.conf file. This allows you to choose whether the inventory of 
a Novell Storage Services (NSS) volume reports the names of owners as the Nobody user if their 
eDirectory usernames are not enabled with Linux User Management. By default, this option is set to 
false (not resolved) in order to give you faster performance for an inventory of files on an NSS 
volume. For information, see “InventoryResolveNonLumOwnerName Command” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/bwv2pua.html) in the OES 11: 
Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/front.html). 


SSL Key Cipher Strength Command 


You can set the cipher strength for the SSL key in the /etc/opt/novell/httpstkd.conf file. The 
default allows any encryption level. A setting of High is recommended. For information, see “SSL Key 
Cipher Strength Command?” (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/ 
budlpt0.html) in the OES 11: Novell Remote Manager Administration Guide (http://www.novell.com/ 
documentation/oes11/mgmt_remotemgr_|x/data/front.html). 
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VNC Consoles 


The root user can view VNC consoles from within Novell Remote Manager. This capability requires 
that the HttpOnly security feature be disabled in the /etc/opt/novell/httpstkd.conf file. For 
information, see “HttpOnly Command?” (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/httponly.html) in the OES 11: Novell Remote Manager Administration 
Guide (http://www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/front.html). 


General File Inventory 


On the File System Listing page (View File System > View File System Listing), the Inventory link 
generates a General File Inventory report with statistics about the files stored on a selected file 
system path or sub-folder path. For information, see “Inventorying Directories or NCP Volumes” (http:/ 
/www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/b2kl4kn.html) in the OES 11: 
Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/front.html). 


NCP Volume Inventory 


+ The View File Systems > NCP Volume Inventory option allows you to view a list of NCP volumes 
and generate inventories for them. 


+ The Volume Information page (Manage NCP Services > Manage Shares, then click the NSS 
volume name link), for a volume provides an Inventory option to generate an inventory. This 
provides the same output as running View File System > General File Inventory for Linux paths 
and for View File Systems > NCP Volume Inventory for NCP volumes. 


+ An inventory report is saved when you run an inventory on an NCP volume. You can view the 
last saved report by going to the Manage NCP Services > Volume Inventory Reports page and 
clicking the View Last Report > Display option for the volume. The saved report provides the 
same statistics as running View File Systems > NCP Volume Inventory. Graphics are not 
available in a saved report. 


+ You can email a saved NCP volume inventory report to addresses that are configured in the / 
etc/opt/novell/httpstkd.conf file. To send the report, go to the Manage NCP Services > 
Volume Inventory Reports page and click the Email Report > Send option for the volume. 


¢ Ina file inventory for NSS volumes, the File Owner Profile reports the eDirectory identity of the 
file owner without requiring the users to be enabled with Linux User Management (LUM). 


For information, see “Inventorying Directories or NCP Volumes” (http://Awww.novell.com/ 
documentation/oes11/mgmt_remotemgr_Ix/data/b2kl4kn.html) in the OES 11: Novell Remote 
Manager Administration Guide (http://www.novell.com/documentation/oes11/mgmt_remotemgr_|x/ 
data/front.html). 


Open Connections for NCP Volumes and NSS Volumes 


On the Connection Information page (Manage NCP Services > Manage Connections, then select a 
connection link under Connections) for a selected connection, the Open Files list now links to the file 
and lock details for each file that is held open by a connection. For information, see “Viewing 
Connections for NCP Server” (http://www.novell.com/documentation/oes11/file_ncp_lIx/data/ 
ba47cgt.html) in the OES 11: NCP Server for Linux Administration Guide (http://www.novell.com/ 
documentation/oes11/file_ncp_lx/data/h9izvdye.html). 
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Salvage and Purge Deleted Files for NSS Volumes 


On the Share Information page (Manage NCP Services > Manage Shares, then click the Information 
(i) icon to the left of the NSS volume name) and on the Directory Information page (Manage NCP 
Services > Manage Shares), then navigate to a directory of interest and click the Directory 
Information icon to the left of the directory name), the following capabilities were added for salvaging 
and purging deleted files for NSS volumes where the Salvage attribute is enabled: 


¢ The Salvageable Files list option allows you to view a list of deleted files that are available for 
salvage or purge in the selected directory on an NSS volume. 

¢ The Purge option allows you to permanently remove a deleted file from the file system. 

+ The Salvage option allows you to recover a deleted file. 


¢ The Purge all files option allows you to permanently remove all deleted files on a selected 
volume. 


For information, see “Salvaging and Purging Deleted Files on an NSS Volume?” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/nssactions.html#nsssalvage) in the 
OES 11: Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/front.html). 


Create, Rename, and Delete Directories 


On the Directory Information page (View File System > View File System Listing, navigate to the 
directory of interest, then click the Directory Information icon to the left of the directory name), the 
following capabilities were added: 


+ The Delete Directory and Contents option allows you to recursively delete a selected folder and 
its contents. 

+ The Rename Directory option allows you modify the name of a selected directory. 

¢ The Create Subdirectory option allows you to create subdirectories in the selected directory. 


+ The Create Symbolic Link option allows you to create a symbolic link in the selected directory. 


For information, see “Viewing Details about Directories and Performing Actions on Them” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/butlqoph.html#butltrr) in the OES 11: 
Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/front.html). 


NSS Volume Share Information 


On the Share Information page (Manage NCP Services > Manage Shares, then click the Information 
(i) icon to the left of the NSS volume name), the following capabilities were added: 


¢ Additional details about the volume are displayed, such as the sector size and loaded name 
spaces. 


+ For NSS volumes, the Compression option shows whether the Compression attribute is enabled 
for the volume. 


NSS Volume Directory and File Listing 


On an NSS volume’s Directory and File Listing page (Manage NCP Services > Manage Shares, then 
click the NSS volume name link), the following capabilities were added: 


+ The Text Search option allows you to search the content of files for a specified text string. 


¢ The File Search option allows you to search for a file on the selected volume. 
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+ The Inventory option generates an NCP Volume Inventory report with statistics about the files 
stored on a selected volume. 
+ The Upload option allows you to upload a file to the selected volume. 
For information, see “Browsing Files and Performing Actions on NSS Volumes” (http:// 
www.novell.com/documentation/oes11/mgmt_remotemgr_Ix/data/nssactions.html) in the OES 11: 


Novell Remote Manager Administration Guide (http://www.novell.com/documentation/oes11/ 
mgmt_remotemgr_Ix/data/front.html). 
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Migrating Novell Remote Manager from 
NetWare to OES 11 


Novell Remote Manager for Novell Open Enterprise Server (OES) 11 Service Pack 3 (SP3) runs on 
servers with OES 11 services installed. This section contains information about the following: 


¢ Section 3.1, “Coexistence,” on page 21 


¢ Section 3.2, “Migration,” on page 21 


3.1 Coexistence 


¢ Section 3.1.1, “Compatibility,” on page 21 
¢ Section 3.1.2, “Coexistence Issues,” on page 21 


This section provides information regarding the compatibility and coexistence of Novell Remote 
Manager for OES 11 with existing networks containing NetWare or OES platforms. 


3.1.1 Compatibility 


When you create a group, you can get server health status from a NetWare server running 
NetWare 6.0 or later or from an OES Linux server running OES 1 or later. 


3.1.2 Coexistence Issues 


Monitoring on Linux servers that are not running the owcimomd module can report only an Up/Down 
status. 


3.2 Migration 


There is no need to migrate Novell Remote Manager from NetWare to Novell Remote Manager for 
Linux. Novell Remote Manager is selected for installation when any pattern from Open Enterprise 
Server is installed. 


You can combine server groups for monitoring NetWare and OES servers. You can save the group 
file locally or to an eDirectory object. See “Saving a Group” on page 98 and “Accessing an Existing 
Group” on page 99. 


Configuring Novell Remote Manager is somewhat different on an OES server than a NetWare server. 
See “Changing the HTTPSTKD Configuration” on page 37. 


Some tasks that are available in Novell Remote Manager for NetWare are not available on Novell 
Remote Manager for Linux, such as IP Address Management. You have the functionality to monitor 
the server health for individual servers or groups of servers, the ability to load and unload programs, 
and access console screens. 
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The following features are available for Novell Remote Manager for Linux that are not available for 
NetWare: 


+ Dynamic Storage Technology. For information, see OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


+ NCP (NetWare Control Protocol) server and NCP volumes (shares) on Linux POSIX file 
systems. For information, see OES 11 SP3: NCP Server for Linux Administration Guide. 
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Managing a Virtualized Linux Server with 
Novell Remote Manager 


Using Novell Remote Manager for Linux to access and manage a virtualized Novell Open Enterprise 
Server (OES) 11 or later server is the same in every way as accessing and managing a physical OES 
11 or later server. It requires no special configuration or other changes. 


To get started with Xen virtualization, see the Virtualization with Xen (http:/www.suse.com/ 
documentation/sles11/book_xen/data/book_xen.html). 


To get started with KVM virtualization, see the Virtualization with KVM (http:/Awww.suse.com/ 
documentation/sles11/book_kvm/data/book_kvm.html). 


For information about setting up virtualized OES 11, see “Installing, Upgrading, or Updating OES ona 
VM” in the OES 11 SP3: Installation Guide. 


To get started with third-party virtualization platforms, such as Hyper-V from Microsoft and the 
different VMware product offerings, refer to the documentation for the product you are using. 
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5.1 


5.2 


Installing Novell Remote Manager for 
Linux 


Novell Remote Manager is installed as a Novell Open Enterprise Server (OES) 11 SP3 service 
pattern in the YaST Install. This section contains the following information: 
¢ Section 5.1, “Installing Novell Remote Manger During the Initial Server Installation,” on page 25 


¢ Section 5.2, “Installing Novell Remote Manager After the Initial Server Installation,” on page 25 


Installing Novell Remote Manger During the Initial 
Server Installation 


To install Novell Remote Manager during the OES 11 SP3 installation or while adding OES 11 SP3 on 
an existing server, select the Novell Remote Manager (NRM) pattern to install Novell Remote 
Manager. 


It does not require any additional configuration during the installation and does not display on the 
Installation Settings page. For information about changing the configuration after the installation is 
complete, see Chapter 7, “Changing the HTTPSTKD Configuration,” on page 37. 


For a list of RPMs that it installs, see Appendix B, “Novell Remote Manager Packages,” on page 171. 


Installing Novell Remote Manager After the Initial 
Server Installation 


If you did not install Novell Remote Manager when you first installed OES 11 SP3, do the following to 
install and configure Novell Remote Manager: 

1 Open YaST. 

2 Click Open Enterprise Server > OES Install and Configuration. 

3 Select the Novell Remote Manager (NRM) pattern. 


Selecting this pattern automatically selects the Novell Linux User Management (LUM) and 
Novell Backup/Storage Management Services (SMS) patterns. 


4 (Conditional) If you want only the Novell Remote Manager pattern installed, deselect the Novell 
Linux User Management (LUM) and Novell Backup/Storage Management Services (SMS) 
patterns. 


If you have only Novell Remote Manager installed, then you can log in to Novell Remote 
Manager only as user root or a local Linux user. 


If you log in as a local Linux user, you can see only the information that the user you log in as has 
rights to view. 


5 Click Accept. 


6 If necessary, complete any required information for other services selected on the Novell Open 
Enterprise Server Configuration summary page. When all the settings on the Novell Open 
Enterprise Server Configuration summary page are set as desired, click Next. 
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The necessary files are installed and configuration of the services are completed. 


No additional configuration during the installation for Novell Remote Manager is required. For 
information about changing the configuration after the installation is complete, see Chapter 7, 
“Changing the HTTPSTKD Configuration,” on page 37. 


For a list of RPMs that it installs, see Appendix B, “Novell Remote Manager Packages,” on 
page 171. 
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Accessing Novell Remote Manager for 
Linux 


This section includes information about the following: 


Section 6.1, “System Requirements,” on page 27 

Section 6.2, “Accessing Novell Remote Manager,” on page 28 

Section 6.3, “Starting or Stopping HTTPSTKD,” on page 30 

Section 6.4, “Understanding the Layout of Novell Remote Manager,” on page 30 
Section 6.5, “Accessing Configuration Options,” on page 35 

Section 6.6, “Accessing Online Help,” on page 36 

Section 6.7, “Accessing Novell Web Pages,” on page 36 


6.1 System Requirements 


o 


o 


o 


Supported web browsers: 
¢ Mozilla Firefox 12 or later 


+ Microsoft Internet Explorer (IE) 8 and 9. IE 10 and 11 are supported for Windows 7 and 8 
clients in the desktop view only. 


+ Apple Safari 5 and Safari 6.0 (for Mac OS X Mountain Lion (version 10.8) clients only) 
+ Google Chrome 21 or later 
+ KDE Konqueror 4 or later, with limited functionality 


Certificate handling requires SSL 2.0 or later or TLS 1.0 or later to be enabled in your web 


browser. Otherwise, the browser displays an error indicating that the page cannot be displayed. 


We recommend the higher security options of SSL 3.0 or the latest TLS if it is available. 
The HTTPSTKD package must be loaded and running on the server. 


For information about starting or restarting the httpstkd daemon, see Section 6.3, “Starting or 
Stopping HTTPSTKD,” on page 30. 


This package is selected for installation by the Novell Remote Manager pattern. The Novell 
Remote Manager (NRM) pattern is selected for installation when you install any of the OES 
Services patterns on Linux unless you deselect it. 


For information about installing Novell Remote Manager, see Chapter 5, “Installing Novell 
Remote Manager for Linux,” on page 25. 


For package details, see “Novell Remote Manager Packages” on page 171. 
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6.2 Accessing Novell Remote Manager 


You typically log in as the Linux root user to manage all functions in Novell Remote Manager. The 
root user can access Novell Remote Manager even when eDirectory is not available. 


Some functions support access by administrator users who are eDirectory users and who are also 
enabled for Linux with Linux User Management (LUM-enabled). If LUM is enabled in your tree and it 
is installed and configured on the server, you can log in to Novell Remote Manager using your 
eDirectory credentials. For instructions on enabling Linux, see “Setting Up Linux Computers to Use 
eDirectory Authentication” in the OES 11 SP3: Novell Linux User Management Administration Guide. 


If you log in as a local Linux user or as a non-Admin LUM-enabled eDirectory user, you can see only 
the information that the user has rights to view. Typically, access is restricted to a view of the Linux file 
systems where the user has file system access rights. 


There are two specific things to remember when logging in to Novell Remote Manager as a LUM- 
enabled eDirectory user: 


¢ If eDirectory and LUM are installed on the local server, the eDirectory user Admin can log in to 
Novell Remote Manager using its fully distinguished name (admin.context) because this user is 
enabled for Linux User Management by default in this case. 


In order for a user to log in to Novell Remote Manager as user Admin or equivalent, you must 
configure either of the following permissions for the Admin user: 


+ The Admin user must be associated to the group that has the Supervisor right for the Entry 
Rights property for the UNIX Workstation object. 


+ The Admin user must have the Supervisor right for the Entry Rights to the NCP object that 
represents the Linux server in the eDirectory tree. 


IMPORTANT: With either of these permissions, the eDirectory user is granted limited root user 
privileges when logged in to the server. The user can modify only the configuration files 
necessary for configuring NRM or any other files that NRM has been assigned rights to allow 
modifying. 


¢ In order for non-Admin users to log in using eDirectory credentials, they must be users enabled 
for Linux User Management. 


Users who are enabled for Linux User Management have a Linux Profile tab on their Modify User 
page in iManager. They also have an eDirectory object that is associated with the UNIX 
Workstation object that represents the Linux server. 


You can use iManager or the LUM command line utility namuseradd to enable users for Linux 
User Management. For instructions, see “Overview” in the OES 11 SP3: Novell Linux User 
Management Administration Guide. 


The Admin user has limited file system rights equivalent to root. The user can modify only the 
configuration files necessary for configuring NRM or any other files that NRM has been assigned 
rights to allow modifying. For a list of these files, see Section 19.1, “Security Features,” on page 153. 
The user Admin or equivalent user has access according to the Linux and LUM file rights to all other 
files. 
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To access to Novell Remote Manager: 


1 Open a web browser. 


2 Point the browser to the URL of the server you want to manage by entering the following in the 
Address (URL) field: 


http://server_ip address:8008 
or 


https://server_ip address:8009 


If you specify HTTP and port 8008, you are automatically re-directed to use secure HTTP 
(HTTPS) and port 8009. 


For example, either of the following URLs take you to a secure SSL login page for Novell 
Remote Manager on the specified server: 


http://172.16.123.11:8008 


https://172.16.123.11:8009 


3 Accept the SSL certificate. 


Certificate handling requires SSL 2.0 or later, or TLS 1.0 or later, to be enabled in your web 
browser. Otherwise, the browser displays an error indicating that the page cannot be displayed. 
We recommend the higher security options of SSL 3.0 or the latest TLS if it is available. 


4 When the login dialog box appears, provide the required Username and Password credentials. 


Typically, you log in with the Linux root user name and password. 


Novelle Remote Manager 


Username: (username or username.context - context is allowed but ignored) 
[root | 


Password 
eeccecceccee | 


“Login il | Reset 


Copyright 1998-2011 Novell, Inc. All rights reserved. 


5 Use the links in Novell Remote Manager to view, configure, and manage the server. 


For information about navigating in Novell Remote Manager, see Section 6.4, “Understanding 
the Layout of Novell Remote Manager,” on page 30. 


6 After your session for Novell Remote Manager is complete, click the Exit icon to log out, 
then close the web browser. 


After you log in, your session for Novell Remote Manager remains open until you log out or close 
your web browser. There is no automatic time-out period that triggers a logout. For security 
reasons, you should also close the browser windows at that workstation after you log out. 
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6.3 Starting or Stopping HTTPSTKD 


When you install and configure the Novell Remote Manager pattern on Open Enterprise Server 
(OES) 11 server, Novell Remote Manager is started by default. 


A script for starting and stopping the Novell Remote Manager/Linux components is in /etc/init.d/ 
novell-httpstkd. Enter the following commands at a console shell prompt to perform the desired 
action: 


Table 6-1 Commands for Starting, Stopping, or Checking the Status of Novell Remote Manager 


Task Command 
To see whether the module is running renovell-httpstkd status 
or 


/etc/init.d/novell-httpstkd status 


To restart HTTPSTKD renovell-httpstkd restart 


or 


/etc/init.d/novell-httpstkd restart 


To start HTTPSTKD renovell-httpstkd start 
or 


/etc/init.d/novell-httpstkd start 


To stop HTTPSTKD renovell-httpstkd stop 
or 


/etc/init.d/novell-httpstkd stop 


6.4 Understanding the Layout of Novell Remote 
Manager 


The web pages for Novell Remote Manager have three main frames: the header frame (top), the 
navigation frame (left), and the main content frame (right). They also contain the Overall Health 
Indicator and online help. 


Figure 6-1 on page 31 shows the overall layout of Novell Remote Manager for OES 11 SP2 or later. 
Figure 6-2 on page 32 shows the overall layout of Novell Remote Manager for OES 11 SP1 and 
earlier. For OES 11 SP2 or later, the key additions are the Novell CIFS plug-in to manage CIFS 
connections and the Novell AFP plug-in to manage AFP connections. Under the Diagnose option, the 
Health Monitor function is obsoleted by the use of Ganglia and Nagios open source software to 
monitor system performance and services health. The overall health status displayed in the header 
frame is based on the status of services monitored on the Nagios Service Detail page. 
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Figure 6-1 Layout of Novell Remote Manager for OES 11 SP2 and Later 
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Figure 6-2 Layout of Novell Remote Manager for OES 11 SP1 and Earlier 
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See the following sections for more information about the layout of the Novell Remote Manager 
Home page: 

¢ Section 6.4.1, “Header Frame,” on page 33 

¢ Section 6.4.2, “Overall Health Indicator,” on page 33 

¢ Section 6.4.3, “Navigation Frame,” on page 34 

¢ Section 6.4.4, “Program Plug-Ins in the Navigation Frame,” on page 35 

¢ Section 6.4.5, “Main Content Frame,” on page 35 

¢ Section 6.4.6, “Online Help,” on page 35 
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6.4.1 


6.4.2 


Header Frame 
The header frame contains the toolbar and general information about the server. 


User: (root) ge N 


avalon Linux 3,0.82-0.7-default x86_64, SUSE Linux Enterprise Server 11 (86_64) - Up Time: 3001:3203 


The toolbar buttons link to the following functions: 


d [æ] Home 


The File System Management page is considered the Home page. 


+ Exit 


Log out of your current session with Novell Remote Manager. For security reasons, you should 
also close the web browser Window. 


+ Health Monitor (Nagios Service Detail in OES 11 SP2 and later) 


For information about configuring and using Nagios to monitor services, see Section 8.5, 
“Configuring Nagios,” on page 53. 


a 
vy s 
+ Configure 


For information about Novell Remote Manager Configuration Options, see Chapter 7, “Changing 
the HTTPSTKD Configuration,” on page 37. 


The general information about the server includes the following: 


+ Name of the user you logged in as to Novell Remote Manager (typically, the root user) 
¢ Overall health indicator 
¢ Server hostname 
¢ Version of the Linux kernel running on the server 
+ Hardware platform 
¢ Operating system running on the server 
+ Up time for the server (the amount of time the server has been running since the last reboot) in 
the format of days:hh:mm:ss. 
You can also access Novell Support (http://www.novell.com/support) by clicking the Novell big red N 


icon N onthe right side of the header frame. 


Overall Health Indicator 


The Overall Health Indicator shows the current server health status as good, suspect, bad, or no 
connection. For OES 11 SP3, the status is determined from the services that you configure to be 
monitored by Nagios. The indicator changes if any Nagios-monitored service has a problem alert. If 
there are multiple alerts, the indicator represents the worst reported health condition. You can click 
the Server Health icon (Shown in Table 6-2) to go to the Nagios Service Detail page and view the 
health statistics and alerts for the monitored services. By default, only basic services are set up to be 
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6.4.3 


monitored by Nagios. In order for the Overall Health Indicator to consider the health of additional 
services, you must configure them to be monitored by Nagios. For information about configuring and 
using Nagios, see Section 8.5, “Configuring Nagios,” on page 53. 


Table 6-2 Overall Server Health Status Conditions 


Overall Health Status 


Server Health Icon 


Icon Description 


Good EG Green orb in a white circle 
et 
Suspect ED Yellow diamond in a white circle 
Bad mt Red bar in a white circle 
Df 
No connection to the server TO Black X in a white circle 
aczi 


Navigation Frame 


The navigation frame lists general tasks that you can perform, and provides links to specific pages for 
performing those tasks. The left navigation frame includes collapsible categories that are 

remembered the next time you log in. This lets you display the Novell Remote Manager features that 
you use most often and hide some of the ones that you don't. 


IMPORTANT: When you work in Novell Remote Manager, you must use the navigation links provided 
in the tool. Using the browser's Back button can result in unintended actions being re-sent to the 


server. 


Basic links in the navigation frame are identified in Table 6-3. 


Table 6-3 Standard Roles in the Navigation Frame 


Roles 


Diagnose 


Description 


Monitor the health of the server and 
services. 


For more information, see 


Chapter 8, “Diagnosing Problems 
Using Ganglia and Nagios (OES 11 
SP3),” on page 45 


View File System 


Browse the file system, view 
information about files, folders, and 
partitions, and generate inventories. 


Chapter 9, “Viewing File Systems,” 
on page 69 


Manage Linux 


View information about kernel 
modules, packages, and 
processes. Schedule CRON jobs. 


Chapter 10, “Managing Linux,” on 
page 77 


Manage Hardware 


View information about processors, 
interrupts, memory, ports, and 
SMBIOS. 


Chapter 11, “Managing Hardware,” 
on page 87 


Use Group Operations 


Configure groups of servers to be 
monitored collectively. 
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Chapter 12, “Using Group 
Operations,” on page 93 


6.4.4 


6.4.5 


6.4.6 


6.5 


Program Plug-Ins in the Navigation Frame 


The links in the navigation frame change depending on the programs installed on the server that have 
plug-ins to Novell Remote Manager. The plug-ins are installed automatically when you install the 


related OES Services. 


Table 6-4 Program Plug-in Roles in the Navigation Frame 


OES Service 


NCP Server and Dynamic Storage 
Technology 


Roles in the Navigation Frame 


Manage NCP Services allows you 
to manage NSS volumes, NCP 
volumes, DST volumes, NCP 
volume inventories, and NCP 
connections on the server. 


For more information, see 


Chapter 13, “Managing NCP 
Services,” on page 105 


OES 11 SP3: NCP Server for Linux 
Administration Guide 


Dynamic Storage Technology 
Options allows you to configure and 
manage Dynamic Storage 
Technology volumes and policies. 
The DST functions are integrated 
with Manage NCP Services. 


Chapter 14, “Managing Dynamic 
Storage Technology Options,” on 
page 133 


OES 11 SP3: Dynamic Storage 
Technology Administration Guide 


Novell CIFS Manage CIFS Services allows you Chapter 15, “Managing CIFS 
to manage Novell CIFS Services,” on page 137 
connections on the server. 
OES 11 SP3: Novell CIFS for Linux 
Administration Guide. 
Novell AFP Manage AFP Services allows you to Chapter 16, “Managing AFP 


manage Novell AFP connections on 
the server. 


Main Content Frame 


Services,” on page 141 


OES 11 SP3: Novell AFP for Linux 
Administration Guide 


The information in the main content frame changes depending on which link you click in the header or 
navigation frame. The File System Management page is considered the Home page. 


Online Help 


When a Help icon appears in the upper-right corner of a page in the main content frame, you can 
view help for the page that is displayed. 


Accessing Configuration Options 


Click the Configure icon in the header frame to access the Configuration Options page. Use this 


page to configure the following: 


+ HTTP Interface Management 


+ Nagios Configuration Options (only for OES 11 SP2 and later) 
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6.7 


+ 


+ 


+ 


Restart the Nagios daemon 

Restart the httpstkd daemon 

HTTP Logs 

Novell Remote Manager Certificate Management 
Novell Remote Manager Schema Management 


Enable/disable the httpstkd daemon core file 


For information about setting options, see Chapter 7, “Changing the HTTPSTKD Configuration,” on 
page 37. 


Accessing Online Help 


Online help, which provides detailed information and instructions for using Novell Remote Manager 
features, is available for most management tasks and settings. 


To access the online help, click the Help icon on the upper right portion of the page or next to the 
specific item link. 


Accessing Novell Web Pages 


Novell Links on the Home (File System Management) page provide quick access to the following: 


Novell Support (http://www.novell.com/support/) links directly to the Novell Support website, 
where you can get current server patch kits and updates or find troubleshooting information. 


You can also access Novell Support by clicking the Novell big red N icon N onthe right side of 
the header frame. 


Novell Error Codes (http://www.novell.com/documentation/nwec/index.html) links directly to the 
information about Novell Error Codes, including what they mean and possible causes and 
actions for them. 


Novell Product Documentation (http:/Awww.novell.com/documentation) links directly to the 
product documentation for all shipping Novell products. 


Novell Developer Support (http://www.novell.com/developer/) links directly to the Novell 
Developer website, where you can find tips and suggestions beyond the basics for managing, 
troubleshooting, and diagnosing your server. 
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[ Changing the HTTPSTKD Configuration 


When Novell Remote Manager (NRM) is installed, it sets up a small web server on your server. The 
interface and module is called HTTPSTKD. It automatically sets its basic configuration parameters 
that allow it to work. 


You might need to configure Novell Remote Manager after the initial installation for a variety of 
reasons. For example, you might want to bind additional IP addresses to HTTPSTKD, set up stronger 
security, or extend the eDirectory schema for Group Monitoring. 


You can perform these tasks using the options on the Novell Remote Manager Configuration Options 


page, as shown in Figure 7-1. To access this page, click the Configure icon in the header frame. 


For OES 11 SP3, the Configuration Options page also provides links for Nagios Configuration 
Options. For information about changing the Nagios configuration, see Section 8.5, “Configuring 
Nagios,” on page 53. 
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Figure 7-1 The Novell Remote Manager Configuration Options Page 


Novell Remote Manager Configuration Options 


HTTP Interface Management 

WARNING: You must restart httpstkd in order to apply changes in these config files. 
Edit httpstkd config file 

Edit httpstkd PAM config file 


Nagios Configuration Options 
Edit Nagios cqi config file 

Edit Nagios command config file 

Edit Nagios config file 

Edit Nagios object command config file 
Edit Nagios object contact config file 
Nagios User Management. 


View last 100 log entries 
View entire log 


Novell Remote Manager Certificate Management 


httpstkd has been configured to use the YAST CA certificate. 


Create an OpenSSL Certificate and confiqure httpstkd to use the OpenSSL Certificate. 
Enable access using SSLv2 Certificates 


Novell Remote Manager Schema Management 
Disabled: You must be logged in as a eDirectory user with admin rights to apply Novell Remote Manager schema extensions. 


httpstkd Daemon Core File : Enabled 


urrent Working Directory: /opt/novell/httpstkd/sbin 


On this page you can perform the following tasks: 


¢ Section 7.1, “Accessing and Editing the HTTPSTKD Configuration File,” on page 39 

¢ Section 7.2, “Accessing and Editing the HTTPSTKD PAM Configuration File,” on page 40 
+ Section 7.3, “Restarting the HTTPSTKD Daemon,” on page 41 

¢ Section 7.4, “Viewing the HTTP Logs,” on page 41 

¢ Section 7.5, “Viewing and Creating Certificates for Novell Remote Manager,” on page 41 


+ Section 7.6, “Extending the eDirectory Schema for Novell Remote Manager Group Operations,” 


on page 43 
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7.1 


Accessing and Editing the HTTPSTKD 


Configuration File 


Anytime you want to change the functionality of Novell Remote Manager, access the /etc/opt/ 
novell/httpstkd.conf file, modify the settings, then restart the HTTPSTKD daemon. 


To access and edit this file from within Novell Remote Manager: 


1 Log in to Novell Remote Manager as the root user. 


2 Click the Configure icon in the navigation frame. 


3 Click Edit httpstkd config file. 
4 Make the changes. 
5 Click Save Changes. 


You can alternatively open the /etc/opt /novell/httpstkd. conf file in a text editor that saves files 


to a UNIX format, edit the file, then save the file. 


After making changes to this file and saving it, restart the HTTPSTKD daemon. See “Restarting the 
HTTPSTKD Daemon” on page 41. You can also restart it manually as described in Section 6.3, 


“Starting or Stopping HTTPSTKD,” on page 30. 


Table 7-1 identifies the functions that are controlled by settings in the Novell Remote Manager 
configuration file, and provides links to information about how to change them. 


Table 7-1 Information for Changing the Functionality of Novell Remote Manager 


Functionality 


Which network adapter Novell Remote Manager is 
bound to or add additional IP address that it is bound 
to 


Information about How to Change 


Section A.1, “Address and Port Commands,” on 
page 159 


The certificates Novell Remote Manager is using for 
authentication 


The cipher strength of the SSL key that is used to 
access Novell Remote Manager 


+ Section 7.5, “Viewing and Creating Certificates 
for Novell Remote Manager,” on page 41 


+ Section A.1, “Address and Port Commands,” on 
page 159 


Section A.9, “SSL Key Cipher Strength Command,” on 
page 168 


The HttpOnly attribute for cookies in a response 
header 


Section A.5, “HttpOnly Command,” on page 164 


The InventoryResolveNonLumOwnerName option for 
resolving names of NSS volume file owners if their 
eDirectory user names are not LUM enabled 


Section A.6, “InventoryResolveNonLumOwnerName 
Command,” on page 165 


Which plug-ins are loaded 


Which workstations can access Novell Remote 
Manager 


For OES 11 SP1 and earlier, whether an email 
notification is sent for the Health Monitor tool or who 
receives it 


Section A.8, “Load Command,” on page 167 


Section A.4, “Filtering Commands,” on page 163 


Section A.3, “Email Notification Commands (OES 11 
SP1 and Earlier),” on page 162 
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Functionality Information about How to Change 


Which users can log in to Novell Remote Manager + Section A.2, “Disable Auto LUM Command,” on 
page 160 
+ Section A.10, “Supervisor Only Command,” on 
page 168 
The language the browser supports Section A.7, “Language Commands,” on page 165 


Accessing and Editing the HTTPSTKD PAM 
Configuration File 


Linux uses PAM (Pluggable Authentication Modules) in the authentication process as a layer that 
mediates between user and application. PAM modules are available on a system-wide basis, so they 
can be requested by any application. 


Every program that relies on the PAM mechanism has its own configuration file in the directory /etc/ 
pam.d/program_name. These files define the PAM modules that are used for authentication. In 
addition, there are global configuration files for most PAM modules under /etc/security directory, 
which define the exact behavior of these modules (examples are pam_env.conf, pam_pwcheck.conf, 
pam_unix2.conf, and time.conf). Every application that uses a PAM module actually calls a set of 
PAM functions, which then processes the information in the various configuration files and returns the 
results to the calling application. 


This file controls the authentication to Novell Remote Manager on an OES Linux server. The default 
configuration should work. If you want to change the way your users authenticate to Novell Remote 
Manager, you can edit this file. 


These are the lines that enable Novell Remote Manager integration with user management: 


auth sufficient pam_nam.so 
account sufficient pam_nam.so 
password sufficient pam_nam.so 
session optional pam_nam.so 


To access and edit this file from within Novell Remote Manager: 


1 Log in to Novell Remote Manager as the root user. 


2 In Novell Remote Manager, click the Configure icon in the navigation frame. 

3 Click Edit httpstkd PAM config file. 

4 Make the changes. 

5 Click Save Changes. 

6 After making changes to this file, restart the HTTPSTKD daemon. See “Restarting the 
HTTPSTKD Daemon” on page 41. 


You can alternatively use an editor that saves files to a UNIX format to edit the /etc/pam.d/ 
httpstkd file. After changing the file, restart the HTTPSTKD daemon. See “Restarting the 
HTTPSTKD Daemon” on page 41. 


For more information about the PAM configuration file and the options available, see “Authentication 
with PAM” (http://www.suse.com/documentation/sles11/book_security/data/cha_pam.html) in the 
SUSE Linux Enterprise Server 11 Security Guide (http:/Awww.suse.com/documentation/sles11/ 
book_security/data/book_security.html). 
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7.3 


1.4 


1.5 


Restarting the HTTPSTKD Daemon 


After making changes to the HTTPSTKD configuration file or the HTTPSTKD PAM configuration file, 
restart the HTTPSTKD daemon. 


To restart the HTTPSTKD daemon, click Restart httpstkd on the Novell Remote Manager 
Configuration Options page. 


You can also restart it manually. See “Starting or Stopping HTTPSTKD” on page 30. 


Viewing the HTTP Logs 


The Novell Remote Manager Configuration Options page contains a link for all the HTTPSTK-related 
messages contained in the /var/log/messages file. 


This information is valuable for seeing who logged in through Novell Remote Manager, when they 
logged in, the pages being viewed, log failures, and so on. 


You can view the last 100 entries of the log or the entire log. 


To view this log: 


1 Click the Configure icon in the navigation frame. 
2 Under the HTTP Logs heading, click either View last 100 log entries or View entire log. 


The logging to this file is controlled by the Syslog options. To change these default syslog options, 
edit the etc/sysconf/syslog file. 


Viewing and Creating Certificates for Novell 
Remote Manager 


Novell Remote Manager uses the default certificates created during the installation to secure access 
through it to the server. This certificate is bound to the first network board found in the server 
configuration. 


During the install of eDirectory on a new server installation, there is a check box to have all HTTP 
services use an eDirectory certificate. HTTPSTKD uses that certificate if this check box is selected or 
the YAST CA certificate if it is not selected. On upgrades, the check box in eDirectory is not selected, 
so certificates that were previously used are maintained. 


You can create new certificates and modify the /etc/opt /novell/httpstkd.conf file to use any 
certificates other than the default certificate file for any reason. You should create a new certificate in 
cases such as the following: 

+ The default certificate does not meet the level of security required by your organization 

+ The default certificate was bound to a DHCP address 

+ You have changed the server’s IP address 


+ You want to bind a new certificate to a different network board 
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To view the certificates being used: 


1 Click the Configure icon in the navigation frame. 


2 Under the Novell Remote Manager Certificate Management heading, click View Certificate(s). 


To create a new certificate: 


1 Click the Configure icon in the navigation frame. 
2 Under the Novell Remote Manager Certificate Management heading, click Create Certificate. 


3 On the Create a Certificate for Novell Remote Manager page, specify the required information in 
the Certificate Information fields. 


This creates a new certificate and automatically replaces the current certificate at /etc/opt/ 
novell/httpstkd/server.pem. 


If you want to create the certificate in a different location or with a different name, change the file 
name or path in the Certificate File field. 


4 Click Create. 


5 (Conditional) If you changed the name of the certificate file or the path to it from the default 
location, edit the /etc/opt /novell/httpstkd.conf before restarting HTTPSTKD. 


6 Restart HTTPSTKD by clicking the Restart Httpstkd button on the Novell Remote Manager 
Configuration Options page. 


To bind Novell Remote Manager to an additional IP address to or to a different certificate: 


1 Click the Configure icon in the navigation frame. 
2 Click Edit httpstkd config file. 


3 Inthe Address and Port portion of the file, specify the new IP address or certificate path and 
name. 


For example, if you had two network boards that you wanted to bind Novell Remote Manager to, 
you would create or have two separate certificates and then make these entries in the /etc/ 
opt/novell/httpstkd.conf file: 


addr 192.27.1.123:8008 
addr 192.27.1.123:8009 keyfile=/etc/opt/novell/httpstkd/server.key certfile=/ 
etc/opt/novell/httpstkd/serverl.pem 


addr 192.27.1.124:8008 
addr 192.27.1.124:8009 keyfile=/etc/opt/novell/httpstkd/server.key certfile=/ 
etc/opt/novell/httpstkd/server2.pem 


You can put the certificate in any location as long as the entry in the /etc/opt/novell/ 
httpstkd.conf points to the correct location and file name. 
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Extending the eDirectory Schema for Novell 
Remote Manager Group Operations 


When you use Group Operations and want to save the groups that you have created, Novell Remote 
Manager requires you to save the file on the server locally or assign it to an eDirectory object. 


Before you can save it to an eDirectory object, you must extend the eDirectory schema to access the 
attributes for Novell Remote Manager group operations at least once in the eDirectory tree that you 
are saving to. 


You can do this easily by clicking either the Extend eDirectory Schema for Group Operations link on 
the Novell Remote Manager Configuration Options page any time before you create a group or the 
link in the failure error message displayed when saving the group. As with all schema extensions, you 
must have the necessary rights to extend the schema. 


The message NDS schema extension complete is displayed on this page when the operation is 
done. Then you can save the group. 
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8.1 


Diagnosing Problems Using Ganglia and 
Nagios (OES 11 SP3) 


Novell Remote Manager includes several tools to assist you in monitoring the health and status of 
your server and services. Beginning in Novell Open Enterprise Server (OES) 11 SP2, Novell Remote 
Manager uses the open source monitoring tools Ganglia and Nagios to monitor the health of the 
server and the services and applications running on it. The tools provide complementary health 
monitoring functions. Ganglia gathers server metrics and tracks trends over time. Nagios monitors 
health and provides an alert and notification system. You can use these tools to become familiar with 
the normal health and status of your server. They can help you identify and diagnose problems with 
your server. 


IMPORTANT: The Health Monitor function in Novell Remote Manager is obsoleted in OES 11 SP2 or 
later. It is replaced by the Ganglia and Nagios open source monitoring tools, which do not use the 
Small Footprint CIM Broker (SFCB) for communications. 


Performing the following tasks can help you to become familiar with the health and status of your 
servers: 

¢ Section 8.1, “Monitoring Server Health,” on page 45 

¢ Section 8.2, “Configuring Ganglia,” on page 47 

¢ Section 8.3, “Stopping and Starting Ganglia gmond and gmetad,” on page 50 

¢ Section 8.4, “Monitoring Server Health with Ganglia,” on page 50 

¢ Section 8.5, “Configuring Nagios,” on page 53 

¢ Section 8.6, “Monitoring Service Health with Nagios,” on page 60 

¢ Section 8.7, “Restarting Nagios,” on page 61 

¢ Section 8.8, “Managing Nagios Users,” on page 61 

¢ Section 8.9, “Modifying the Nagios Notification Methods for Contacts,” on page 64 

¢ Section 8.10, “Configuring Nagios Logging,” on page 64 

¢ Section 8.11, “Viewing the PIDs or Monitoring the Health of Processes,” on page 66 

¢ Section 8.12, “Monitoring or Killing an Individual Process,” on page 67 

¢ Section 8.13, “Troubleshooting a Suspect or Bad Health Status,” on page 68 


Monitoring Server Health 


Monitoring the health of your server can help prevent it from getting to a state in which your users 
cannot access the server or the data on it. Novell Remote Manager allows you to monitor the server’s 
overall health and the health of a specific item. 


¢ Section 8.1.1, “Viewing the Overall Server Health Status,” on page 46 
¢ Section 8.1.2, “Setting the Health Status Refresh Rate,” on page 46 
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8.1.1 


8.1.2 


Viewing the Overall Server Health Status 


The server's overall health is indicated by the color of the circle displayed next to the Server icon K& 
in the header frame for Novell Remote Manager. The following table lists and explains each health 
status that might be displayed. 


Table 8-1 Server Health Status 


Icon Server Health Explanation 

Status 
RX Good All parameters included in the server's health configuration list are good. 
Ea Suspect The status of one or more of the parameters included in the server's health 
— configuration list is suspect or has a minor problem. 
fm Bad The status of one or more of the parameters included in the server's health 
ea configuration list is bad or has a critical problem. 
ei Lost The connection to the server from Novell Remote Manager has been lost. 
lda 


connection 


The server's overall health is determined by services that you configure to be monitored by Nagios. 


If the status of any Nagios-monitored service changes to yellow (Suspect) or red (bad), the health 
status indicator light in the header frame changes to indicate there is a problem. If more than one item 
changes, the worst status indicates the server’s overall status. When the status for all items returns to 
green (good), then the health light indicator changes back to green (good). 


Setting the Health Status Refresh Rate 


The server's health status, reported by the health status indicator, is updated every five seconds, but 
the graphic refreshes only if the status changes. 


¢ To modify the refresh rate, select a rate from the Page Refresh Rate drop-down menu, then click 
Begin Refresh. The selected refresh rate applies to this page only, and persists until you modify 
the value. 


¢ To stop refreshing the page, select Stop Refresh. The page does not refresh until you click Begin 
Refresh. 


¢ To begin refreshing after stopping, select Begin Refresh. The last used refresh rate is applied 
automatically when it begins. 
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8.2.1 


Configuring Ganglia 


Ganglia is an open source monitoring tool that collects server metrics and graphically displays their 
trends over the past hour, day, week, month, or year. It shows similar graphs for memory usage, disk 
usage, network statistics, number of running processes, and all other Ganglia metrics. The Ganglia 
Monitoring daemon (gmond) has a low overhead and does not impact user performance. 


The Ganglia UI has embedded help to guide you in using the services on each tab. For additional 
information, see Ganglia Monitoring System (http://ganglia.info) on the web. 

¢ Section 8.2.1, “Ganglia Requirements,” on page 47 

¢ Section 8.2.2, “Configuring Ganglia gmond in Multicast Mode or Unicast Mode,” on page 48 


Ganglia Requirements 
Ganglia requires the following settings in order to display the server health statistics: 


+ “Port 8649” on page 47 
¢ “Time Synchronization” on page 47 


Port 8649 


If a firewall is enabled on the server, you must open port 8649 in order to use Ganglia. By default, the 
gmond daemon communicates on UDP port 8649, and the gmetad daemon downloads metrics data 
over TCP port 8649. The port is specified in udp_send_channel, udp _recv_channel, and 
tcp_accept_ channel parameters in the /etc/opt /novell/ganglia/monitor/gmond.conf file. If 
you have firewall rules that block traffic on those ports, your metrics do not show up in the monitoring 
dashboard. You must restart the Ganglia gmond and gmetad daemons after you open the port in the 
firewall. 


1 Log in to the server as the Linux root user, then open a terminal console. 


2 Open port 8649 in the firewall. Enter 


SuSEfirewall2 open EXT UDP 8649 
SuSEfirewall2 open EXT TCP 8649 


3 Restart gmond and gmetad. Enter 


rcenovell-gmond stop 

rcenovell-gmetad stop 
renovell-gmetad start 
rcenovell-gmond start 


Time Synchronization 


If your Ganglia server monitors the health of multiple computers, ensure that the time on the gmond 
server is correct and matches the gmetad that is collecting data. The timestamp used to update the 
gmetad round-robing database (RRD) files are in the Universal Time Coordinated (UTC) standard, 
which is the international time standard. 


Consider using the same Network Time Protocol (NTP) time source on the group of machines in 
order to keep their time synchronized. NTP is an industry standard. It ensures accurate timekeeping 
by synchronizing clocks to UTC time. If a firewall is enabled on the servers, ensure that you open the 
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firewall on UDP port 123 to allow NTP traffic. After you configure NTP, delete the current gmetad 
round-robin databases (RRDs) in the /var/opt/novell/ganglia/rrds subdirectories, and then 
restart gmond and gmetad. 


1 Log in to the server as the Linux root user, then open a terminal console. 


2 Open port 123 in the firewall. Enter 
SuSEfirewall2 open EXT UDP 123 


3 Configure NTP on the server. 


For information about configuring NTP, see “Time Services” in the OES 11 SP3: Planning and 
Implementation Guide. 


4 Ina file browser, delete the current gmetad round-robin databases (RRDs) in the /var/opt/ 
novell/ganglia/rrds directory. 


5 Restart gmond and gmetad. Enter 


renovell-gmond stop 

rcenovell-gmetad stop 
rcenovell-gmetad start 
renovell-gmond start 


Configuring Ganglia gmond in Multicast Mode or Unicast 
Mode 


Ganglia uses the gmond daemon to gather health monitoring statistics. It keeps a cache of all metrics 
in memory. Ganglia uses the gmetad daemon to periodically poll the gmond daemon to store the 
metrics in a storage engine. By default, Novell Remote Manager configures Ganglia in multicast 
mode. Both the gmond daemon and the gmetad run on the same server. 


The gmond daemon can alternatively be configured in unicast mode. You can also configure it to 
monitor in groups of servers, called Ganglia clusters. For more information, see the Ganglia Quick 
Start Guide (http://sourceforge.net/apps/trac/ganglia/wiki/ganglia_quick_start) on the Ganglia Project 
(http://sourceforge.net/apps/trac/ganglia/) website. 


¢ “Using Ganglia in Multicast Mode” on page 48 
+ “Using Ganglia in Unicast Mode” on page 49 


¢ “Configuring gmond for Server-Centric Monitoring” on page 49 


Using Ganglia in Multicast Mode 


By default, the Ganglia gmond daemon is configured in multicast mode, and that is how it is installed 
for Novell Remote Manager. Ganglia settings for gmond are in the /etc/opt /novell/ganglia/ 
monitor/gmond.conf file. 


The gmond daemon’s global parameters are set for it to be both a sender (mute=no) and a receiver 
(deaf=no). The gmond daemon aggregates all metrics sent to it from other hosts running Ganglia in 
the same IP subnet, or in the same Ganglia cluster (if configured). There is no need to list every 
single host, because a gmond set in receive mode automatically contains the list of all hosts and 
metrics in the subnet (or in the same Ganglia cluster, if configured). Metrics and their metadata 
(metric groups, types and so on) are sent separately. If Ganglia is restarted while using multicast 
mode, gmond servers can talk to each other, and will ask for metadata if it is missing. 
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Ganglia settings for gmetad are in the /etc/opt /novell/ganglia/monitor/gmetad.conf file. Its 
root directory for the round-robin databases (RRDs) is the /var/opt/novell/ganglia/rrds 
directory. The data source for the localhost is named Grid-Node, and its metrics RRD files are 
found in the /var/opt /novell/ganglia/rrds/Grid-Node directory. 


You can turn off multicasting to view statistics only for the single server where you are logged in to 
Novell Remote Manager. For more information, see “Configuring gmond for Server-Centric 
Monitoring” on page 49. 


Using Ganglia in Unicast Mode 


Unicast mode has less traffic than multicast mode does, but it is more complex to configure. In 
unicast mode, the default behavior for handling metadata is as follows: 


+ The gmond daemon sends metadata only when it is started. 


¢ If Ganglia is restarted while using unicast mode, metadata is discarded and its corresponding 
metrics data are also discarded. 


+ Ganglia does not ask for metadata if it is missing. 


The unicast behavior might result in blank graphs on the host-view page if the collecting gmond is 
restarted while working in unicast mode. Restarting all of the non-collector gnond daemons makes 
the metric graphs reappear; however, this might not be feasible for large Ganglia clusters. If you use 
the unicast mode to monitor multiple servers, you should enable the global parameter 
send_metadata_interval in the /etc/opt/novell/ganglia/monitor/gmond.conf file, and set it 
to something other than 0. A setting of 30 to 60 seconds works in most environments. Setting this 
variable to a non-zero value makes the gmond processes periodically announce their metrics, and 
the graphs reappear on the host-view page. 


For more information about configuring Ganglia in unicast mode, see the Ganglia Quick Start Guide 
(http://sourceforge.net/apps/trac/ganglia/wiki/ganglia_quick_start) on the Ganglia Project (http:// 
sourceforge.net/apps/trac/ganglia/) website. 


Configuring gmond for Server-Centric Monitoring 


You can modify the /etc/opt /novell/ganglia/monitor/gmond.conf file to set up Ganglia to 
monitor only its own statistics as a single server. 

1 Log in to the server as the root user. 

2 Open the /etc/opt/novell/ganglia/monitor/gmond.conf file in a text editor. 


3 Find the section udp _send_channel and replace it with the following: 


udp_send_ channel { 
#bind_hostname = yes 
#mcast_join = 239.2.19.61 
host = <server_hostname> 
port = 8649 
#ttl = 1 

} 


You comment out the mcast_join parameter and the ttl parameter. 


You add the host parameter and set it to the hostname for the server, such as avalon. You can 
get the server’s host name from the command line with the following command: 


hostname --fqdn 


4 Find the section udp _recv_channel and replace it with the following: 
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udp _recv_channel { 
#mcast_join = 239.2.19.61 
port = 8649 
#bind = 239.2.19.61 


} 


You comment out the mcast_join parameter and the bind parameter. 
5 Save and close the file. 


6 Open a terminal console, and then stop and start both gmond and gmetad: 


rcenovell-gmond stop 
rcnovell-gmetad stop 


rcenovell-gmetad start 
renovell-gmond start 


8.3 Stopping and Starting Ganglia gmond and gmetad 


1 Log in to the server as the Linux root user, then open a terminal console. 
2 Restart gmond and gmetad. Enter 


rcenovell-gmond stop 
rcenovell-gmetad stop 


renovell-gmetad start 
renovell-gmond start 


8.4 Monitoring Server Health with Ganglia 


The Diagnose > Server Health Values task presents the Ganglia Web Frontend interface in the Novell 
Remote Manager browser frame. You can use this page to monitor your server's health statistics. The 
Ganglia UI has embedded help to guide you in using the services on each tab. For additional 
information, see Ganglia Monitoring System (http://ganglia.info) on the web. 

1 Access the Ganglia dashboard, using one of the following methods: 


+ Log in to Novell Remote Manager as the Linux root user or as a LUM-enabled 
administrator user. 


¢ Select Diagnose > Server Health Values to go to the Ganglia main dashboard. Continue to 
Step 2 on page 51. 


or 


+ In aweb browser, go to the Ganglia URL: 


http://<server_ip address>/gweb 
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Continue to Step 3 on page 53. 


Main Search Views Aggregate Graphs Compare Hosts Events Automatic Rotation Live Dashboard Mobile 


Grid-Node Cluster Report for Tue, 14 Jan 2014 04:08:15 +0000 Get Fresh Data 


Last | hour 2hr 4hr_ day week month year orfrom H to I Go Clear Physical View 
Metric |load_one Sorted ascending descending by name 
Grid > Grid-Node > --Choose a Node œ Show only nodes matching Filter Max graphs to show all X 


Overview of Grid-Node @ 2014-01-14 04:08 


CPUs Total: 1 Grid-Node Cluster Memory last hour 
Hosts up: 1 Grid-Node Cluster Load Last hour | 206f 
Hosts down: 0 


Current Load Avg (15, 5, 1m): 
59%, 75%, 84% 


Avg Utilization (last hour): 


2% m: L 
© me 00 
gs i aon ne 206 1a 
Utilization heatmap Zem Max 2233m 
2 ee ee 
L me 188 
Grid-Node Cluster CPU last hour 
100? 
“ Grid-Node Cluster Network Last hour 
z m? 
Se) er wr 
F o« y wk 
Bag i 
= | l ii = we 
° > ë x» 
20 20 20 4 n wk 
Bue ke EA fin ON ig LA Mee LA . 
Bimas SR fin OR Me LA mee Ik mn m m 
Gut me SA fin OM ave 2A mee DA Min Now: 1. Minio. Avgi 2.3 Max: 64,1 
Olle ter LIN Hin KN tvs MA Mw SA Bot New 1.% Min: 91.6 we 2.4 Max: 52.7% 
Stacked Graph - load_one 
Grid-Node aggregated load_one Last hour 
Lat 
aa 
220 20:2 20:39 2240 20:30 21:00 
B localhost 
Avg Total 0.40 Current Total 0.84 
Avg Average: 0.20 Current Average: 0.42 
Show Hosts Scaled: Auto Same None | Grid-Node load_one last hour sorted by name | Size small X 
Columns 4 œ (0 = metric + reports) 
eamat 


2 If you are prompted with a security warning that the page contains mixed content (both secure 
and non-secure elements), select the option to show all content. 


The Novell Remote Manager frame sends secure content. However, Ganglia uses scripts to 
graphically display statistics that send the statistical data via HTTP instead of HTTPS. 
Depending on how your web browser is configured to handle mixed content on a web page, the 
Ganglia statistics might not be displayed in the graph windows. 


+ Firefox: In Firefox 23 and later, when you access a page with both HTTPS and HTTP 


content, a shield icon © appears in the address bar, and the browser automatically blocks 
certain content such as non-secure scripts. To allow mixed content, right-click the shield 
icon, then select Disable Protection on This Page. After you disable protection, an orange 


alert icon Ê appears in the address bar and makes you aware that the displayed page 
contains mixed content. 
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€ © A https://137.65.67 37-8009 


Firefox has blocked content that isn't secure. 
User: 
$ Most websites will still work properly even when this 
A content is blocked. 
3p j 
Learn more Aggregate ¢ 
— Dashboard 
+ Vj | Keep Blocking | v l l 
H Manage Linux T aval Disable Protection on This Page 
+] Manage Hardware 16: ‘i: x Not Now 


In a Mozilla Firefox 22 and earlier web browser, you receive a warning, but content is not 
automatically blocked. A Security Warning pop-up dialog box reports: You have 
requested an encrypted page that contains some unencrypted information. Click 
OK to dismiss the warning and allow mixed content to be displayed. 


Security Warning 


You have requested an encrypted page that contains some unencrypted information. Information that 
you see or enter on this page could easily be read by a third party. 


C] Alert me whenever I'm about to view an encrypted page that contains some unencrypted information 


Bok 


A round shield © icon replaces the lock to the left of the https:// in the address bar. Right- 
click the icon to view the message that advises: Your connection to this site is only 
partially encrypted, and does not prevent eavesdropping. 


Internet Explorer: In a Microsoft Internet Explorer web browser, the pop-up dialog box is 
displayed at the bottom of the page and reports: Only secure content is displayed. 
Click Show all content to dismiss the warning and allow mixed content to be displayed. 


Only secure content is displayed. What's the risk? Show all content 


Chrome: In a Google Chrome web browser, a shield appears at the end of the URL in the 
address bar. It warns: This page includes scripts from unauthenticated 
resources. Right-click the shield, then click Load Unsafe Script. 


This page includes script from unauthenticated sources. 


Load unsafe script a 


Learn more Done 


While mixed content is displayed in Chrome, the green text https: // and lock in the URL 
& htpsv/, which indicates secure-only content, is automatically changed to red text that is 
crossed out and a gray lock with a red X | & sas. 
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3 Select any of the following tabs to search, configure events to monitor, or define reports: 
¢ Search 
+ Views 
+ Aggregate Graphs 
+ Compare Hosts 
+ Events 
+ Automatic Rotation 
¢ Live Dashboard 
+ Mobile 


Configuring Nagios 


Nagios is an open source monitoring tool. You can configure it to monitor the health of the server 
systems and services. It also provides an alert and notification system. 


The information in this section provides basic information to get you started using Nagios. For 
detailed information about configuring and using Nagios to monitor your server and services, see 
other sections in this guide. See also the open source Nagios Documentation (http://www.nagios.org/ 
documentation) at Nagios.org. 

¢ Section 8.5.1, “Configuring Nagios Authenticated Users and Contacts,” on page 53 

¢ Section 8.5.2, “Configuring Nagios Monitoring,” on page 57 

¢ Section 8.5.3, “Accessing the Nagios Website,” on page 59 

¢ Section 8.5.4, “Using Nagios Plug-Ins,” on page 59 

¢ Section 8.5.5, “Using Object Configuration Files,” on page 60 

¢ Section 8.5.6, “Additional Information,” on page 60 


Configuring Nagios Authenticated Users and Contacts 


Nagios user accounts are specific to the Nagios software. The accounts have nothing to do with the 
local server user names or eDirectory user names. 


There are two levels of access for Nagios users: 


+ Authenticated user: a Nagios user who is granted access to the web-based Nagios monitoring 
dashboard. 


+ Authenticated contact: An authenticated Nagios user whose user name is also defined in the 
Nagios Object Contact configuration file (/etc/nagios/objects/contacts.cfg) and has 
permissions to access CGI information as defined in the Nagios CGI configuration file (/etc/ 
nagios/cgi.cfg) and other object configuration for services that are monitored. 


By default, the Nagios user nagiosadmin is already configured in Nagios as a user, a contact, anda 
member of the contact group admins. This user is also authorized to access server and services 
information and to issue host or service commands via the command CGI configuration file (/etc/ 
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nagios/cgi.cfg). However, you must configure a password for the nagiosadmin user in order to log 
in to the Nagios Service Details website. You must configure a valid email address for the 
nagiosadmin contact in order to receive alerts via the Nagios alert notification system. 

¢ “Setting or Modifying the Password for the nagiosadmin User” on page 54 

¢ “Setting or Modifying an Email Address for the nagiosadmin Contact” on page 55 

e “Using the Nagios admins Contact Group” on page 57 


Setting or Modifying the Password for the nagiosadmin User 


By default, Nagios defines one default user nagiosadmin with no password in the /etc/nagios/ 
htpasswd.users file. Novell Remote Manager requires passwords to be set for any Nagios user. 
Thus, before you can access the web-based Nagios Service Details report for the first time, you must 
specify a password to use for the user nagiosadmin. 


IMPORTANT: Do not delete the nagiosadmin user. 


To configure a password for user nagiosadmin: 


1 Log in to Novell Remote Manager as the Linux root user. 


2 Click the Configure icon in the toolbar to go the Novell Remote Manager Configuration Options 
page. 


3 Under Nagios Configuration Options, click Nagios User Management. 


Edit Nagios cgi config file 

Edit Nagios command config file 

Edit Nagios config file 

Edit Nagios object command config file 
Edit Nagios object contact config file 


| Restart Nagios | 


4 On the Nagios User Management page, specify nagiosadmin as the Nagios user name. 


Nagios User Management 


Nagios User Information 


Nagios Username |nagiosadmin | 
Nagios Password |eeccee | 
Confirm Nagios Password 
[ Create User | 
| Delete User | 


5 Type a password, then type it again to confirm. 
6 Click Create User. 


The user name and password are saved in the /etc/nagios/htpasswd.users file. The 
password is stored in encrypted format. The password is enforced on the next login to Nagios. 
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7 When a message confirms that the user nagiosadmin was created in Nagios with the password 
you provided, click OK to dismiss the message. 


Nagios User Management 


Nagios User Information 


The username nagiosadmin was created with the entered password for use in Nagios. 
Lox | 


For information about configuring additional Nagios users and the tasks they can perform, see 
Section 8.8, “Managing Nagios Users,” on page 61. 


Setting or Modifying an Email Address for the nagiosadmin Contact 


By default, Nagios defines the nagiosadmin user as a contact in the /etc/nagios/objects/ 
contacts.cfg file. It sets the email for the contact to nagios@localhost. In order to receive 
notification alerts from the Nagios alert notification system, you must replace this email setting with a 
valid email address. You must restart Nagios to apply the changes. 


IMPORTANT: Do not delete the nagiosadmin contact or its email definition line in the /etc/nagios/ 
objects/contacts.cfg file. 


To configure an email address for the contact nagiosadmin: 


1 Log in to Novell Remote Manager as the Linux root user. 


2 Click the Configure icon in the toolbar to go the Novell Remote Manager Configuration Options 
page. 
3 Under Nagios Configuration Options, click Edit Nagios object contact config file. 


This opens the /etc/nagios/objects/contacts.cfg file in the Novell Remote Manager text 
editor. 


Edit Nagios cgi config file 

Edit Nagios command config file 

Edit Nagios config file 

Edit Nagios object command config file 
Edit Nagios object contact config file 
Nagios User Management 

| Restart Nagios | 


4 Scroll down to the contact definition section for nagiosadmin, and then replace 


nagios@localhost with the email address (such as bob@example.com) where you want to 
receive alert notifications that are sent to nagiosadmin. 
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letc/nagios/objects/contacts.cfg 


# Just one contact defined by default - the Nagios admin (that's you) 

# This contact definition inherits a lot of default values from the ‘generic- 
contact’ 

# template which is defined elsewhere. 


define contact{ 


contact_name nagiosadmin ; Short name of user 

use generic-contact ; Inherit default 
values from generic-contact template (defined above) 

alias Nagios Admin ; Full name of user 

email bob@example.com ; <<*##** CHANGE THIS TO 


YOUR EMAIL ADDRESS *####* 
} 


Seer eeee ses ers ses e estes esses sess este sess ese es esses sess ese sess esses sess ees 


| Save Changes | File Encoding ANSI © UTF-8 
5 Click Save Changes. 


The changes are saved in the /etc/nagios/objects/contacts.cfg file. You can verify the 
new saved date for the file. 


letc/nagios/objects 2 


‘MUpload AText Search HB inventory 


Directory Listing 


Info Name Ẹ] Size ¥ Date and time ¥ Attributes 
Thu 09 Jan 2014 09:37:55 PM 

fa a N/A NST. d wx wx 1.x 

ry nya Mon 13 Jan 2014 12:26:32 PM Bone 

E commands. cfg 7.710 Mon 11 Feb 2013 01:46:01 PM MST wwr 

contacts. cfg 2.167 MIKEAE wwr 


6 Click the Configure icon in the toolbar to return to the Novell Remote Manager Configuration 
Options page, then restart Nagios. 


6a Under Nagios Configuration Options, click Restart Nagios. 
6b When you are prompted to confirm the restart, click OK to proceed. 


Are you sure you want to restart Nagios? (Services provided by Nagios will temporarily be 
disabled.) 


cance | 


6c Wait while Nagios is restarted with the rcnagios restart utility. 


Nagios Restart 


nagios is being restarted with the "rcnagios restart” utility. 


When the restart is completed, Novell Remote Manager returns to the Configuration 
Options page. 
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Using the Nagios admins Contact Group 


Nagios defines a default contact group admins and adds the contact nagiosadmin as a member of 
the group in the contactgroup section of the /etc/nagios/objects/contacts.cfg file. 


If you create additional Nagios users and contacts, you can add them to the admins group. It is not 
necessary to create additional contact groups. However, Nagios also allows you to create other 
contact groups to make it easier to set up authorizations for Nagios users who have different roles. 


IMPORTANT: Do not remove the default contact group admins from the /etc/nagios/objects/ 
contacts.cfg file. Do not remove the Nagios contact nagiosadmin from the group admins. 


You can set up contacts, contact groups, and members of contact groups in the Nagios Object 
Contact configuration file on the Novell Remote Manager Configuration Options page (or in the /etc/ 
nagios/objects/contacts.cfg file). You must restart Nagios to apply the changes. 


Configuring Nagios Monitoring 


Nagios is automatically configured with basic monitoring settings for the server. The Nagios contact 
nagiosadmin has all the necessary authorizations to manage and use Nagios. 


You can also define other Nagios users and set them up as contacts, set the CGI and object 
authorizations for Nagios contacts, specify the systems and services to monitor, specify display 
preferences for the dashboard, set up logging preferences, and set up notifications. As the Linux 
root user, you can go to the Novell Remote Manager Configuration Options > Nagios Configuration 
Options in order to perform the tasks described in Table 8-2. 


Table 8-2 Nagios Configuration Options 


Nagios Configuration Option Related File or Command Description 


Edit Nagios cgi config file /etc/nagios/cgi.cfg Defines the CGI parameters and 
which contacts or contact groups 
are allowed to access them. 


Edit Nagios command config file /etc/nagios/commanad.cfg Defines commands, including 
service check, service notification, 
host check, host notification, 
service event handler, and host 
even handler. 


Edit Nagios config file /etc/nagios/nagios.cfg Specifies the main log file where 
service and host events are logged. 
For more information, see 
Section 8.10, “Configuring Nagios 
Logging,” on page 64. 


You can configure other Nagios 
parameters as defined in the 
configuration file. 


Edit Nagios object command config /etc/nagios/objects/commands.cfg Provides you with some sample 

file command definitions that you can 
reference in host, service, and 
contact definitions. 
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Nagios Configuration Option Related File or Command Description 


Edit Nagios object contact config /etc/nagios/objects/ By default, defines the 

file contacts.cfg nagiosadmin user as a contact and 
adds the contact to the contact 
group admins. You must specify an 
email address to use for alert 
notifications sent to the 
nagiosadmin contact. 


You can configure Nagios users as 
contacts and set up contact 
methods for each one, such as 
email, pager, cell phone, instant 
message, audio alert, and so on. 


You can also add a contact asa 
member of the default contact 
group admins, or create other 
contact groups and add contacts as 
members. 


Nagios User Management /etc/nagios/htpasswd.users Create a Nagios user name and 
password, or delete a Nagios user. 
You can also use this option to 
create the user name with a 
different password. 


For more information, see 
Section 8.8, “Managing Nagios 
Users,” on page 61. 


Restart Nagios renagios restart Restart the Nagios daemon after 
you make changes to the 
configuration files. 


Novell Remote Manager provides a text editor to modify the configuration files from the web browser. 
The configuration options are described in-line in each of the Nagios configuration files. After you 
modify the configuration files, you must restart Nagios to apply the settings. You can alternatively log 
in to the server as the Linux root user and use a text editor to modify the configuration files in the / 
etc/nagios folder. 


After you modify the configuration files, you should verify the configuration before you restart Nagios. 
The Nagios daemon will not start if the configuration contains errors. 


To verify your configuration, run Nagios with the -v command line option: 
/usr/sbin/nagios -v /etc/nagios/nagios.cfg 


If critical data is missing or wrong, Nagios displays a warning or error message that identifies the line 
in the configuration file that seems to be the source of the problem. Nagios might print only the first 
error it encounters to prevent the error from cascading the problem to subsequent settings in the file. 
If you get an error message, correct the line in the configuration file, then repeat the verification until 
no errors occur. Warning messages can generally be safely ignored, because they are 
recommendations and not requirements. 


OES 11 SP3: Novell Remote Manager Administration Guide 


8.5.3 


8.5.4 


Accessing the Nagios Website 


The Nagios website configuration file (/etc/apache2/conf .d/nagios.conf) uses basic 
authentication by default. Information and passwords are sent in clear text. 


IMPORTANT: You should access Nagios behind the firewall or via secure channels. 


You might see an Apache 403 Forbidden Warning error reported in Nagios after a new installation or 
upgrade to OES 11 SP3. For resolving this issue, see Section 18.3, “Apache 403 Warning Error 
Reported in Nagios on a New Installation or Upgrade to OES 11 SP3,” on page 150. 


When you click Nagios Service Detail, the monitoring dashboard opens in a pop-up browser window. 
If the pop-up blocker is enabled for your web browser, ensure that you disable the browser's pop-up 
blocker for the Nagios website (http://<server_ip_address or localhost>/nagios). 


Authentication is required by default. You are prompted to log in. You can log in as the default user 
nagiosadmin, or create and configure other Nagios users. 


To access the Nagios Service dashboard via Novell Remote Manager: 
1 Log in to Novell Remote Manager as the Linux root user or as a LUM-enabled administrator 
user. 
2 Select Diagnose > Server Health Services. 
3 Click Nagios Service Detail. 
4 When you are prompted to authenticate by Nagios Access, specify the user name and password 
of a Nagios user account, then click OK. 
To access Nagios reports via the native Nagios browser view: 
1 In a web browser, go to the Nagios URL: 
http://<server_ip address>/nagios 
2 When you are prompted to authenticate by Nagios Access, specify the user name and password 
of a Nagios user account, then click OK. 


3 Under Monitoring on the left panel of the server's Nagios home page, click Service Detail. 


Using Nagios Plug-Ins 


Nagios plug-ins are extensions to Nagios that allow you to monitor hosts, devices, services, 
protocols, and applications. A plug-in performs a specific type of check and reports the results to 
Nagios. 


The Nagios plug-ins package (nagios-plugins) provides a set of basic system monitoring plug-ins. 
It also includes plug-in libraries that are used by the basic plug-ins and additional plug-ins. You can 
also find Nagios plug-ins for a variety of services and applications on the Nagios Exchange (http:// 
exchange.nagios.org/) website. Currently, OES 11 SP2 or later does not provide plug-ins specifically 
designed for OES products and services. 


Novell Support for Nagios plug-ins is limited to the plug-ins provided by Novell. For information about 
using the Nagios basic plug-ins, see the Nagios Plug-ins Documentation (http://www.nagios- 
plugins.org/doc/index.html) on the Nagios Plug-Ins Project (http://www.nagios-plugins.org/) website. 
If you use third-party plug-ins or open source plug-ins, you must refer to the providers of those plug- 
ins for support. 
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A Nagios plug-in can be compiled binaries (written in programming languages such as C or C++) or 
executable scripts (Such as shell, Perl, or PHP). For information about how to create your own Nagios 
plug-ins, see the Nagios Plug-in Development Guidelines (http:/Awww.nagios-plugins.org/doc/ 
index.html) on the Nagios Plug-Ins Project (http://www.nagios-plugins.org/) website. 


8.5.5 Using Object Configuration Files 


Templates for Nagios object configuration files are in the /etc/nagios/objects directory. When you 
start or restart Nagios, it caches the object definitions in the /var/lib/nagios/objects.cache file. 
The CGls read information from the cache file, rather than directly from the object configuration files, 
in order to prevent inconsistencies that can occur if you modify the configuration files after Nagios 
starts. Thus, if you modify a configuration file, you must restart Nagios to apply the change. 


8.5.6 Additional Information 


For detailed information about configuring and using Nagios to monitor your server and services, see 
the Nagios Documentation (http://www.nagios.org/documentation) at Nagios.org. 


For additional information about CGI permissions, see Authentication and Authorization in the CGIs 
(http://nagios.sourceforge.net/docs/3_0/cgiauth.html) in the Nagios Core documentation. 


For information on troubleshooting Nagios, see Chapter 18, “Troubleshooting Novell Remote 
Manager,” on page 149. 


8.6 Monitoring Service Health with Nagios 


The Nagios website allows you to monitor the basic services and the services that you configure 
Nagios to monitor. 


You must set up the credentials for the nagiosadmin user before you can view the Nagios health 
website. For more information, see Section 8.5.1, “Configuring Nagios Authenticated Users and 
Contacts,” on page 53. 


You can also configure other Nagios users. For more information, see Section 8.8, “Managing Nagios 
Users,” on page 61. 


To monitor service health with Nagios: 
1 Log in to Novell Remote Manager as the Linux root user or as a LUM-enabled administrator 
user. 
2 Access the Nagios Service Detail page, using any of the following methods in Novell Remote 
Manager: 


+ Click the Overall server health status indicator icon © ; 


+ Click the Health Monitor icon in the header frame. 
+ Select Diagnose > Server Health Services. 


3 On the Nagios Service Detail page, click the Nagios Service Details link to view the Nagios 
website. 


4 When you are prompted, log in to Nagios using the Nagios credentials for the nagiosadmin user 
or log in another Nagios user that you have configured as a Nagios contact. 


You remain logged in to the Nagios website until you close the web browser. 
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For information about setting up Nagios users, see Section 8.8, “Managing Nagios Users,” on 
page 61. 


5 When you are done, close the web browser to log out of the Nagios website. 


8.7 Restarting Nagios 


To restart Nagios from Novell Remote Manager: 


1 Log in to Novell Remote Manager as the Linux root user. 


2 Click the Configure icon in the toolbar to go the Novell Remote Manager Configuration Options 
page. 

3 Under Nagios Configuration Options, click Restart Nagios. 

4 When you are prompted to confirm the restart, click OK to proceed. 


Are you sure you want to restart Nagios? (Services provided by Nagios will temporarily be 
disabled.) 


5 Wait while Nagios is restarted with the rcnagios restart utility. 


Nagios Restart 


nagios is being restarted with the "rcnagios restart” utility. 


When the restart is completed, Novell Remote Manager returns to the Configuration Options 
page. 


To restart Nagios from the command line: 
1 Log in to the server as the Linux root user, then open a terminal console. 


2 At the command prompt, enter 


renagios restart 


8.8 Managing Nagios Users 


The Nagios User Management tool allows you to add and delete Nagios users, or re-create users to 
configure new passwords for them. Before you can access the Nagios website, you must use this tool 
to set a password for the Nagios user nagiosadmin. 

¢ Section 8.8.1, “Creating or Re-Creating a Nagios User,” on page 62 

¢ Section 8.8.2, “Setting Passwords for Nagios Users,” on page 62 

¢ Section 8.8.3, “Deleting a Nagios User,” on page 62 

¢ Section 8.8.4, “Configuring Nagios Contacts and Notification Methods for Them,” on page 63 

¢ Section 8.8.5, “Configuring Nagios CGI Authorization for Contacts,” on page 63 
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8.8.1 


Creating or Re-Creating a Nagios User 


ao F&F OO N FP 


Log in to Novell Remote Manager as the Linux root user. 

Go the Novell Remote Manager Configuration Options page. 

Under Nagios Configuration Options, click Nagios User Management. 

Specify the user name for a Nagios user. 

Set the password for the Nagios user. Type a password, then type it again to confirm. 


Passwords are required by default. You must set a password to ensure that authentication is 
required to access the Nagios web-based dashboard. 


Click Create User. 


The user name and password are saved in the /etc/nagios/htpasswd.users file. The 
password is stored in encrypted format. The password is enforced on the next login to Nagios. 


If you are creating a new Nagios user, ensure that you configure the contact information for the 
user and the actions the user is allowed to make. Continue with the following sections: 


¢ Section 8.8.4, “Configuring Nagios Contacts and Notification Methods for Them,” on 
page 63 


+ Section 8.8.5, “Configuring Nagios CGI Authorization for Contacts,” on page 63 


8.8.2 Setting Passwords for Nagios Users 


8.8.3 


You typically set passwords for Nagios users when you create the user names. 


To add or modify a password for an existing Nagios user: 


oa fF WYN FP 


Log in to Novell Remote Manager as the Linux root user. 

Go the Novell Remote Manager Configuration Options page. 

Under Nagios Configuration Options, click Nagios User Management. 
Specify the user name for an existing Nagios user. 

Set the password for the user. Type a password, then type it again to confirm. 
Click Create User. 


The user name and password are saved in the /etc/nagios/htpasswd.users file. The 
password is stored in encrypted format. The password is enforced on the next login to Nagios. 


Deleting a Nagios User 


Only Nagios users are allowed to access the web-based Nagios dashboard. Do not delete the Nagios 
user name of a Nagios contact who needs access to the dashboard. 


IMPORTANT: Do not delete the default Nagios user nagiosadmin. 


1 
2 


3 
4 
5 


Log in to Novell Remote Manager as the Linux root user. 


Click the Configure icon in the toolbar to go to the Novell Remote Manager Configuration 
Options page. 


Under Nagios Configuration Options, click Nagios User Management. 
Specify the user name for an existing Nagios user. 


Ignore the Password and Confirm Password fields. 
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6 Click Delete User. 


The user name and password are removed from the /etc/nagios/htpasswd.users file. The 
access is denied on the user’s next login to Nagios. 


8.8.4 Configuring Nagios Contacts and Notification Methods for 
Them 


After you create a Nagios user, you should define the user as a Nagios contact, in order to control 
what that user is allowed to do and see. Define the contact in the Nagios Object Contact configuration 
file on the Novell Remote Manager Configuration Options page (or in the /etc/nagios/objects/ 
contacts .cfg file). You can use the nagiosadmin definition as a template. You must restart Nagios 
to apply the changes. 


To define a new contact: 


1 Log in to Novell Remote Manager as the Linux root user. 
2 Click the Configure icon to go to the Novell Remote Manager Configuration Options page. 


3 Under Nagios Configuration Options, click Nagios User Management, then create a user name 
and password for the user. 


For more information, see Section 8.8, “Managing Nagios Users,” on page 61. 
4 Under Nagios Configuration Options, click Edit Nagios Object Contact configuration. 


5 Add a contact definition for the existing user name, and provide a valid email address where you 
want to receive alert notifications for the user. 


6 (Optional) Add other contact methods to the contact definition, such as pager, cell phone, instant 
message, audio alert, and so on. 


7 (Optional) Add the contact name as a member of the contact group admins, or to another contact 
group that you have defined. 


8 Under the editing window, click Save Changes. 
9 Configure the contact or the contact group for CGI access. 


For more information, see Section 8.8.5, “Configuring Nagios CGI Authorization for Contacts,” 
on page 63. 


10 Under Nagios Configuration Options, click Restart Nagios to apply the changes. 


8.8.5 Configuring Nagios CGI Authorization for Contacts 


The Nagios CGI settings determine who has access to view monitoring and configuration information, 
and who can submit commands to the Nagios daemon through the web interface. By default, in the 
CGI configuration file (/etc/nagios/cgi.cfg), the Nagios contact nagiosadmin has all the 
necessary authorizations to manage and use Nagios: 

¢ System and process information 

¢ Configuration information 


¢ System and process commands via the Nagios command CGI file (/usr/lib/nagios/cgi/ 
cmd. cgi) 


+ All hosts information 
+ All services information 
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¢ All host-related commands via the Nagios command CGI file (/usr/lib/nagios/cgi/cmd.cgi) 
¢ All service-related commands via the Nagios command CGI file (/usr/lib/nagios/cgi/ 
cmd. cgi) 


You can configure a Nagios contact's authorization settings in the Nagios CGI configuration file on the 
Novell Remote Manager Configuration Options page (or in the /etc/nagios/cgi.cfg file). The 
configuration options are described in-line in the configuration file. You must restart Nagios to apply 
the changes. 


8.9 Modifying the Nagios Notification Methods for 
Contacts 


The Nagios notifications system is configured by default to send email notifications to the Nagios 
contact nagiosadmin. You must set the email address to use for nagiosadmin in the Nagios Object 
Contact configuration file on the Novell Remote Manager Configuration Options page (or in the /etc/ 
nagios/objects/contacts.cfg file). You must restart Nagios to apply the changes. For more 
information, see “Setting or Modifying an Email Address for the nagiosadmin Contact” on page 55. 


If you define other Nagios contacts, you must specify at least one notification method for the contact. 
In addition to email, Nagios can send notifications via pager, cell phone, instant message, audio alert, 
and so on. How notifications are sent depends on the notification commands that are defined in your 
object definition files. 


Each host and service definition has a contact_groups option that specifies which contact groups 
receive notifications for that particular host or service. Contact groups can contain one or more 
individual contacts. Each member contact receives alert notifications according the method 
configured in its contact definition. 


To configure the notification methods to use for Nagios contacts: 


1 Log in to Novell Remote Manager as the Linux root user. 
2 Go the Novell Remote Manager Configuration Options page. 
3 Under Nagios Configuration Options, click Edit Nagios Object Contact configuration. 


4 In each contact definition, use the email parameter to specify a valid email address where you 
want to receive alert notifications that are sent to them. For example, bob@example.com. 


You can use other notification parameters in a contact definition to specify alternative notification 
methods for the contact. 


5 Under the editing window, click Save Changes. 


6 Under Nagios Configuration Options, click Restart Nagios to apply the changes. 


8.10 Configuring Nagios Logging 


By default, Nagios logs events for the host and services in the /var/log/nagios/nagios.1og file. 
Use the /etc/nagios/nagios.cfg file to control logging for Nagios. For information about logging 
options, see Table 8-3. 
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Table 8-3 Nagios Logging Options 


Logging Parameter 


log file 


log _rotation_method 


Description and Logging Options 


Specifies the path of the log file, including the 
file name. 


Specifies the rotation method that Nagios 
should use to rotate its main log file, or 
disables rotation of the log. 

+ n: None, don't rotate the log 


+ h: Hourly rotation (at the top of the hour, 
every hour) 


¢ d: Daily rotation (at midnight, every day) 


+ w: Weekly rotation (at midnight on 
Saturday evening) 


+ m: Monthly rotation (at midnight on the 
evening of the last day of the month) 


Default Setting 


/var/log/nagios/ 
nagios.log 


Rotate the nagios.1log file at 
midnight every day. 


log_archive_path 


Specifies the path of the directory where 
rotated (archived) log files are stored, if log 
rotation is enabled. 


/var/log/nagios/archives 


use_syslog 


Specifies whether to log Nagios messages to 
the syslog facility as well as to the Nagios 
main log file. 


+ 1: Enable messages to syslog. 


+ 0: Disable messages to syslog. 


Messages are sent to syslog 
as well as to nagios. log. 


log notifications 


Specifies whether to log notifications. 


+ 1: Log notifications. 


+ 0: Do not log notifications. 


Log notifications. 


log _service_retries 


Specifies whether to log service check retries. 


+ 1: Log service check retries. 


+ 0: Do not log service check retries. 


Log service retries. 


log _host_retries 


Specifies whether to log host check retries. 


+ 1: Log host check retries. 


+ 0: Do not log host check retries. 


Log host check retries. 


log_event_handlers 


Specifies whether to log host and service 
event handlers. 


+ 1: Log host and service event handlers. 


+ 0: Do not log host and service event 
handlers. 


Log host and service event 
handlers. 
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8.11 


Description and Logging Options 


Logging Parameter 


Default Setting 


Specifies whether to log the initial state for 


log_initial_ states 


every host and service the first time its status 
is checked. Enable this option only if you are 
using an external application that reports its 
long-term state statistics. 


+ 1: Log the initial state for every host and 
service. 


+ 0: Do not log the initial state for every 
host and service. 


Do not log the initial state for 
every host and service. 


log_external_commands 


Specifies whether to log external commands. 


+ 1: Log external commands. 


+ 0: Do not log external commands. 


NOTE: The check _external_commands 
option is enabled by default for Novell Remote 
Manager. This enables you to use the CGI 
command interface. 


The command_check_interval is set to -1 by 
default for Novell Remote Manager. This 
causes Nagios to check the external 
command file as often as possible. 


Log external commands. 


log passive checks 


Specifies whether to log passive host and 
service checks. 


+ 1: Log passive checks. 


Log passive checks. 


+ 0: Do not log passive checks. 


Viewing the PIDs or Monitoring the Health of 


Processes 


To view process information, click Manage Linux > View Process Information. On the Process 
Information page, you can view a list of active processes. Table 8-4 describes the health information 
that is reported for each process: 


Table 8-4 Process Health Information 


Parameter 


Description 


Process Information 


Shows an Information icon. Click the Information icon next to the process name to 


monitor or kill an individual process. 


Name 


Shows the process or executable program name. 


Owner 


Shows the process owner (the user who started the process). 
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Parameter 


ID (Status) 


Description 


Shows the process ID (PID) of the task and the current state of the task. The states 
are Sleep (S), Running (R), Traced (T), or Zombied (Z). These states are modified 
by a trailing character as follows: 


+ < indicates a process with a negative nice value. 
+ N indicates a process with a positive nice value. 


+ W indicates a swapped-out process for non-kernel processes. 


CPU Usage % 


Shows the task’s share of the CPU time since the last screen update, expressed as 
a percentage of total CPU time per processor. 


Priority 


Shows the priority of the task. 


Run Time 


Shows the total CPU time that the task has used since it started. 


Physical Memory (%) 


Shows the amount of physical memory in bytes that the task is using, and the 
percentage of RAM memory that this represents. The Linux top command reports 
this information in kilobytes. 


Virtual Memory 


Shows the amount of virtual memory in bytes that the task is using to hold the code, 
data, and stack space memory. This is the value reported by the Linux top 
command's RSS switch. The Linux top command reports this information in 
kilobytes. 


Monitoring or Killing an Individual Process 


On the Process Information page for a selected process, you can view information about the process; 
issue a SIGTERM, SIGKILL, or SIGHUP signal to kill the process; or send a custom signal. The 
process information is obtained from the stat file that is available for the process ID in the /proc 
directory. Process information can also be retrieved at the command line by using the Linux top 


command. 


To view process information, click Manage Linux > View Process Information, then click the name 


link of the process. 


Table 8-5 Process Information 


Parameter 


Process Name 


Description 


Shows the process or executable program name. 


Process ID 


Status 


Shows the process identifier. 


Shows the current status of the process. The status can be running, sleeping (an 
interruptible wait), zombie, D (waiting in uninterruptible disk sleep), T (traced or 
stopped on a signal), or W for paging. 


Command Line 


Working Directory 


Shows the actual command line of the executed command to start this process. 


Shows the current working directory of the process. 


Executable Path 


Shows the actual path name of the executed command to start this process. 


Total Memory 


Shows the total memory allocated to this process. 


Code Size 


Shows the total memory allocated for code to this process. 
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Parameter 


Data Size 


Description 


Shows the total memory allocated for data to this process. 


Library Memory 


Shows the total memory allocated for libraries to this process. 


Dirty Pages 


Resident Pages 


Shows the total memory that is dirty that belongs to this process. 


Shows the amount of memory that this process is using that has not been swapped 
out. 


Tasks 


Shows a list of tasks or threads belonging to this process. 


File Descriptors 


Shows a list of file descriptors that the process has open. 


Troubleshooting a Suspect or Bad Health Status 


When the health status of an item changes from good to a suspect or bad state, you can look at the 
specific item and check the online help for suggested remedies. 


1 In Novell Remote Manager, access Server Health Values or Server Health Services. 


2 Look for the specific health item that has changed status. 


3 View the information for the item that has changed by clicking the Info icon ®© for the item. 


This information outlines the specific health criteria (thresholds) for green, yellow, or red statuses 
in that component. It also provides suggestions in some cases for what might be going wrong in 
that component if a yellow or red indicator is displayed. 


4 Perform the recommended or appropriate action for the health item that has changed. 
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Viewing File Systems 


The Home icon læ] and View File System section in Novell Remote Manager for Linux include the 
following links to these pages: 


Table 9-1 Links for Viewing File System Information 


Link Page Displayed 

Home icon File System Management 

View File System Listing Directory Listing of / (root) directory 
View Partition Information Partition Information 


From these pages you can perform the following tasks: 


¢ Section 9.1, “Viewing Mounted Devices and Performing Actions on Them,” on page 70 
¢ Section 9.2, “Browsing File Systems and Performing Actions on Them,” on page 71 
¢ Section 9.3, “Viewing Partition Information,” on page 76 
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9.1 


on Them 


Viewing Mounted Devices and Performing Actions 


The File System Management page is the home page for Novell Remote Manager. 


Figure 9-1 File System Management Page with Information Pages 


File System Information 


File System: /dev/hda2 


Mount Point / 


Type ext3 
Size 31GB 
In Use 3.3GB 


Free Space SN 38%, 266 Free) 


File System Information 


File System: AP/.CORE_OS.DEV.NOVELL 


Mount Point 
Type 

Size 

In Use 

Free Space 


fmntf users 
nepfs 
228GB 
71GB 


SYS Share Information 


Description 
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File system path 


File system shadow path 


Loaded name spaces 


File system type 
NCP volume ID 


Status 


Sector Size 
Sectors per Cluster 
Capacity 


Local cache 


HR (63, 1576 Free) 


Value 
/usr/novell/sys 
n/a 

DOS LONG 
EXT3 

0 
mounted 
online 

512 

8 

13.07 GB 


Parameter 

trustee count 

cached files 

evicted files 

cached folders 

cache retrieved 

cache retrieved locked 0 


File System Management 


Mounted Device 
®© rootfs 

fdev/root 

proc 

sysfs 

devpts 

tmpfs 

fdevédvd 

fdev/ fdo 

usbfs 
@ AP /,CORE_OS.DEV.NOVELL 
@ AP /,CORE_OS.DEV.NOVELL 
@ DR#.CORE_OS,DEV.NOVELL 


¿mnt/ data 


Mount Location 
(88% free) 


fdev/pts 
fdevéshm 
fmedia/dvd 
fmedia/ floppy 
¿proc/bus/usb 
¿mnt/ code (18% free) 
(69% free) 


(63% free) 


fmntfusers 


NCP Volumes 


® sys 


fusr/novell/ sys 


You can access this page by clicking the Home icon | (File System) link in the header frame. 


9.2 


The File System Management page provides a list of the server's mounted devices. The devices that 
are shown are from the Linux mountable file, which is a list of other file systems mounted on this 
host's file system. 


You can view the percent of free space available on all mounted physical devices or external file 
systems that have actual disk space. Available disk space on virtual file systems is not shown. For 
information about how NSS reports space usage for volumes, see “Guidelines for Sizing Volumes” in 
the OES 11 SP3: NSS File System Administration Guide for Linux. 


To view specific information about each mounted physical device or external file system that has 


actual disk space, click the Information icon @ on the left. Clicking the Information icon displays one 
of the following types of pages: 


+ File System Information. This page shows the mount point, the file system type, the size of the 
mount point and the space in use. Clicking the Unmount button on this page, dismounts the 
remote file system shown. The Unmount button is available only on remotely mounted file 
systems such as NFS, NCP, and Samba. 


+ NCP Share Information. This page shows the volumes underlying file system type, mount point 
and status, and cache information. 


You can browse any of these file systems by clicking the link in the Mount Location column. At this 
point, you can perform any of the tasks listed for browsing the servers file system. See “Browsing File 
Systems and Performing Actions on Them” on page 71. 


Browsing File Systems and Performing Actions on 
Them 


On the Directory List page, you can view the Linux POSIX file system and NSS file system from 
mount points or local partitions; browse directories and files; view and change attributes, directories, 
and files; and edit, delete, or rename files. 


To access this page, click View File System > View File System Listing in the navigation frame. 
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Figure 9-2 Directory List Page 


/ 


Q Text search # Inventory 


8 Upload 


E 


Info Name Ẹ| Size Y 
-admin 

admin 

bin 

boot 

CORE-CIFS 

dev 

tC 


home 


ib 


lost+found 


media 


ED PD DP PD oP PP PDD PD PP 
Ee 


Directory Listing 
Date and time Y Attributes 

N/A Sat 16 Jul 2016 09:36:44 PM IST N/A 
N/A Sat 16 Jul 2016 09:34:05 PM IST d rwx rwx rwx 
N/A Sat 16 Jul 2016 09:32:54 PM IST d rwxr.xr.x 
N/A Thu 16 Jun 2016 07:34:11 PM IST d rwxr.xr.x 
N/A Thu 16 Jun 2016 07:43:42 PM IST drwxr.xr.x 
N/A Tue 28 Jun 2016 08:06:43 PM IST drwxr.xr.x 
N/A Sat 16 Jul 2016 09:34:23 PM IST drwxr.xr.x 
N/A Mon 18 Jul 2016 04:13:13 PM IST drwxr.xr.x 
N/A Mon 20 Jun 2016 03:30:14 PM IST drwxr.xr.x 
N/A Sat 16 Jul 2016 09:23:28 PM IST d mwx rx rx 
N/A Sat 16 Jul 2016 09:24:10 PM IST d rwx rx 1.x 
N/A Thu 16 Jun 2016 10:16:25 AM IST d rwx... ..- 
N/A Mon 18 Jul 2016 04:13:13 PM IST d rwx rx 1.x 
N/A Wed 05 May 2010 07:34:57 PM IST d rwx rx x 
N/A Thu 16 Jun 2016 10:59:24 AM IST d rwx rx rx 
N/A Tue 28 Jun 2016 08:06:43 PM IST d rwx rx rx 
N/A Sat 16 Jul 2016 09:32:24 PM IST dr.xr.xr.x 
N/A Mon 18 Jul 2016 05:25:54 PM IST a A 
N/A Sat 16 Jul 2016 09:24:48 PM IST drwxr.xr.x 


The following table describes the actions necessary to access directories, files, and file and directory 


attributes from the Directory List page. 


Table 9-2 Directory List Page Tasks and Procedures 


Tasks 


Procedures 


Click the link_for_the_mount_point, volume, directory, or 


Browse to a mount point, volume, directory, or 
local partition 


local partition under the Name column. 


Move down the directory tree 


Click the directory_name link. 


Move up the directory tree 


Re-sort the list by name, size, or date and time. 


Click the double_dots (..) link. 
Click the column heading that has a Sort icon ¥ next to it. 


The default sort for this listing is by the directory or file name. 


View or change the attributes of a directory 


Click the Attributes link. For information, see Section 9.2.1, 
“Viewing or Changing File or Directory Attributes,” on 
page 73. 


View the size of a directory or file. 


The Size column for a directory lists the size of all files and 


subdirectories in that directory. 


From the Directory Listing page, you can perform the following tasks. 


¢ Section 9.2.1, “Viewing or Changing File or Directory Attributes,” on page 73 


¢ Section 9.2.2, “Viewing Details about Directories and Performing Actions on Them,” on page 73 


¢ Section 9.2.3, “Uploading a File to the Server,” on page 74 
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9.2.2 


¢ Section 9.2.4, “Downloading a File from the Server to a Local Workstation,” on page 74 
¢ Section 9.2.5, “Searching for Text in Files,” on page 75 
¢ Section 9.2.6, “Viewing the Details of a File and Performing Specific Actions,” on page 75 


¢ Section 9.2.7, “Viewing Individual Files,” on page 76 


Viewing or Changing File or Directory Attributes 


Clicking the Attributes link opens the Directory Information page where you can view or change the 
attributes of the directory. For more information, see “Viewing Details about Directories and 
Performing Actions on Them” on page 73 and “Viewing the Details of a File and Performing Specific 
Actions” on page 75. 


IMPORTANT: To set directory and file attributes for files on the NSS file system, go to Manage NCP 
Services > Manage Shares, the browse to locate the file and set its attributes. You can also use 
Novell iManager, the Novell Client, or Novell NetStorage. 


Viewing attributes on NSS volumes, directories, and files conveys the status of the NSS file system 
directory and file attributes: Hidden (H), Read Only (Ro), Read/Write (Rw), and Execute (X). You can 
view these settings in Novell Remote Manager for Linux as a combination of Read, Write, and 
Execute fields for the User, Group, and Other categories. Although it appears that you can control 
these attributes using the selections on the Directory Information page, the selections do not actually 
control the conventional POSIX settings for NSS directories and files. For more information, see 
“Viewing Key NSS Directory and File Attributes as Linux POSIX Permissions” in the OES 11 SP3: File 
Systems Management Guide. 


Viewing Details about Directories and Performing Actions 
on Them 


1 Click the View File System > View File System Listing link in the navigation frame or click a 
Mount_Location_name link on the Home page. 


2 On the Directory list page, browse to the directory you want to search in by clicking the 
directory_name link. 

3 From the directory listing, click the Folder Information icon ‘{@] to the left of the directory or 
subdirectory you want to view information about or change the attributes of. 


4 On the Directory Information page that is displayed, view the information or select/deselect the 
check box for the attributes that you want to change. 


5 Click OK. 


6 When viewing the details of a directory from the Directory Information page, you can also 
perform the following tasks for the selected directory: 


+ Delete the directory and its contents 
+ Rename the directory 

+ Create a subdirectory in the directory 
+ Create a symbolic link in the directory 
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Type the required information in the field next to the option, then click its button. 
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9.2.3 Uploading a File to the Server 


If you have rights to write to the current directory that you are viewing via Novell Remote Manager, 
you can use the Upload link to copy a file from your local machine or any other network directory to 
the currently selected directory. 


You can upload only one file at a time. The file’s date and time are changed when performing this 
task. 


To perform this task: 
1 Click the View File System > View File System Listing link in the navigation frame or click a 
Mount_Location_name link on the Home page. 


2 On the Directory list page, browse to the directory you want to upload a file to by clicking the 
directory_name link. 


3 In the directory listing, click the Upload link at the top of the Directory listing page. 
4 Browse to and select the file that you want to upload. 
5 Click Upload. 


9.2.4 Downloading a File from the Server to a Local Workstation 
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When you are browsing the server's file system via Novell Remote Manager, you can download any 
file to your local machine by clicking the file name, and then saving the file to your local workstation. 


1 Click the View File System > View File System Listing link in the navigation frame, or click a 
Mount_Location_name link on the Home page. 

2 On the Directory/File List page, browse to or search for the file that you want to download. 

3 Click the file_name link. 

4 When prompted, save the target file to the desired location. 


If the file opens rather than prompting you to save it, you can use the browser features to save 
the file. 
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9.2.5 Searching for Text in Files 


On the Directory Listing page, you can do a GREP-type search (it accepts GREP wildcard 
characters) through the files in the current directory as well as subdirectories to find text in a file. 


1 Click the View File System > View File System Listing link in the navigation frame or click a 
Mount_Location_name link on the Home page. 


2 On the Directory list page, browse to the directory you want to search in by clicking the 
directory_name link. 


3 Click the Text Search link. 


4 Specify the content, file name, or extension you want to search for and select whether you want 
to match the case. 


5 (Optional) If you want to search all subdirectories as well, select Search Subdirectories. 
6 Click Search. 
If nothing is found, no files are listed under the search instructions. 


If the search instructions are not valid, the page showing the directory you wanted to search is 
returned. 


If the search instructions are valid, the results are displayed on a page with the search 
instructions. 


In the display results, you can 


+ Click the file name link to view or download the file. 


+ Click the File Information icon [& to view information about the file; change the attributes to 
it; or edit (conditional), rename, or delete the file. 


If the file is a simple text file or a file with an extension listed in the /opt /novel1l/nrm/ 
nrmedit .txt file, you can also edit the file by clicking the Edit File button. 


9.2.6 Viewing the Details of a File and Performing Specific 
Actions 


1 Click the View File System Listing link in the navigation frame or click a Mount Location name 
link on the Home page. 


2 On the Directory list page, browse the directories to the file, then click the File icon [Bl to the left 
of the file name. 


3 On the File Information page that is displayed, view the information or specify the information 
required for the applicable task, and then click the applicable button for the task you want to 
perform. 


For Attributes management, click the attributes that you want to select/deselect and then click 
OK. 


For file management, use the Edit, Delete, or Rename buttons. The Edit button is available only 
on simple text files or files with the extensions listed in the /opt /novell/nrm/nrmedit .txt file. 
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If you want to save the file with an ANSI or UTF-8 encoding, select the appropriate option and 
click OK. 


Edit | Delete | Rename | [/home;test emacs 


Create Hard Link | | 
Create Symbolic Link | | 


9.2.7 Viewing Individual Files 


If your browser is set up to recognize a certain file extension (for example, . txt), you can browse to 
and click a file of that type to view it directly in Novell Remote Manager. Otherwise, you can download 
any file to your local machine by clicking the file name, and then saving it to a local workstation and 
opening it there. See Section 9.2.4, “Downloading a File from the Server to a Local Workstation,” on 
page 74. 


9.3 Viewing Partition Information 


If you need to get information about how a partition is laid out, you can get this information from the 
Partition Information page. This page shows you the major and minor numbers of the partition, the 
number of blocks in the partition, and its name. 


To view partition information, click View Partition Information in the navigation frame. 


Figure 9-3 Example Partition Information Page 


Partition Information 


Partition Information 


major minor #block name 
3 0 39121488 hda 
1 2096451 hdat 
4096575 hda2 

1 hda3 
1052226 hdad 
31872928 hdaé 
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0 Managing Linux 


10.1 


The Manage Linux section in Novell Remote Manager (NRM) for Linux includes the following links to 
these pages from which you can perform the following tasks: 


Table 10-1 Manage Linux Section Tasks, Links, and Pages 


Task 


Access VNC Console 
screens 


Link 


VNC Consoles 


Page Displayed 


VNC Consoles 
Screens 


For More Info, See 


“Accessing VNC Consoles” 


on page 77 


View Kernel Modules 
Information 


View Kernel Modules 


Kernel Module Listing 


“Viewing Kernel Modules” 
on page 79 


Shut down and restart the 
host 


Manage packages 


Down/Restart 


View Package Information 


Down/Reset Options 


Package Information 


“Shutting Down and 
Restarting the Host” on 
page 80 


“Managing Packages” on 
page 81 


Manage processes 


View Process Information 


Process Information 


“Managing Processes” on 
page 82 


Schedule cron jobs to run 


Accessing VNC Consoles 


If VNC services are configured on the server, you can access the VNC consoles screens in Novell 


Schedule Task 


Schedule Task 


“Scheduling cron Jobs to 
Run on the Server” on 
page 84 


Remote Manager. The accessibility to the VNC consoles via Novell Remote Manager for Linux is 
limited to user root; it is not available to user Admin. This form of remote administration is less 
secure that SSH; therefore, we recommend using this feature only in a secure environment (behind a 


firewall). 


IMPORTANT: VNC access is disabled by default to prevent cross-site scripting. You must disable the 
HttpOnly setting in the /etc/opt/novell/httpstkd. conf file in order to enable the VNC console 
display. For information, see Section A.5, “HttpOnly Command,” on page 164. 


1 If VNC services are not configured on the server, you can configure them as follows: 


la In YaST, log in as the root user, then click Network Services > Remote Administration. 


1b On the Remote Administration page, select the following options: 


+ Allow Remote Administration 


¢ Open Port in Firewall! (default port is 5801) 


1c Click Finish. 
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1d Restart the display manager by entering the following command at the command line: 
rexdm restart 
Verify that pop-up blocking is disabled in your web browser. 
Log in to Novell Remote Manager as the root user. 
Select Manage Linux > VNC Consoles. 
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If VNC Consoles is disabled, a message is displayed instead of the console. You must disable 
the HttpOnly setting in the /etc/opt/novell/httpstkd.conf file in order to enable the VNC 
console display. For information, see Section A.5, “HttpOnly Command,” on page 164. 


Novelle Remote Manager 


Baum - 


EET ABA OS SA SORE OER RSET OSE OUR TERNI 


VNC Console Screens 


Diagnose 
=F 7: This feature has been disabled for security concerns. By default, Novell Remote Manager sets an 
El View File System ‘ 5 n - 3 ae F 3 
View File System Listin HttpOnly’ cookie attribute that specifies that the cookie is not accessible through a script. This helps 
Wins Panton Inisimadon mitigate the risk of cross-site scripting. 
General File Inventory To enable the VNC Consoles feature, you must disable the 'HttpOnly’ security protection and allow 
NCP Volume Inventory scripts to access the cookie. 
Dynamic Storage Technology 
Options 1. Exit Novell Remote Manager, then shut down the daemon: 
g < “rcnovel-httpstkd stop” 
Manage Linux 2. Open the /etc/opt/novellhttpstkd.conf file in a text editor. 
3. Review the potential security concerns for changing HttpOnly to false. 
View Kernel Modules 4. Change the setting from ‘HttpOnly true’ to "HttpOnly false’, then save the file. 
View Memory Information 5. Start Novell Remote Manager: 
Down / Restart “rcnovel-httpstkd start” 


View Package Information 6. Log in to NRM to access the VNC Consoles feature. 


6 Click the 1024 X 728 button on the VNC Console Screens page. 


Clicking the VNC Consoles link opens a Java applet in a secondary browser window. The following 
table explains what you can do from this window. 


Table 10-2 VNC Console Page Tasks and Procedures 


Task Procedure 


Use any of the screens listed as though you were at Use the keyboard or mouse as though you were at the 


the server console. server console. 

Disconnect from the console. Click the Disconnect button on this page. 
Change any of the VNC client options currently Click the Options button. 

selected. 


Access the VNC client clipboard and cut or paste any Click the Clipboard button. 
commands that you might want to execute in a active 


terminal shell. 
Restart the server. Click the Send Ctrl+Alt+Del button. 
Refresh the current screen you are viewing. Click the Refresh button. 


Figure 10-1 illustrates a user accessing YaST on a remote server from the user’s desktop browser. To 
access YaST on the remote server, the user did the following: 


1 Clicked the VNC Consoles link in the navigation frame. 
2 Clicked the 1024 X 728 button on the VNC Consoles Screens page. 
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3 Logged into Linux. 
4 Clicked Computer > System > YaST. 


Figure 10-1 Example Access of YaST through NRM VNC Console Screens Linux on a GNOME Desktop. 


VNC Console Screens 


1024 x 768 Disconnect | Options | Clipboard | Send Ctr-AltDel | Refresh 
1280 x 1024 


| Applications | Documents | Places 


Favorite Applications 


Firefox f=, Nautilus 
Web Browser ad File Browser 


Recent Applications 


, OES install and Conn @ Online Update 
"es Get patches to correc 


tel) install and configu 


More Applications 


‘SUSE Linux Enterprise Server 11 (x86_64) 
e avalon 


Username: [roo] 


Restart || [Blshutoown || cancer | Mtogin | 


English (United States) V = [usa v| E lowome v| Eà | tocatiogin |v 
ly) & [vy] % | 


Viewing Kernel Modules 


System 
© Help 
W Control Center 


“ YaST 


® Instal/Remove Software 


BS Logout 
T] Shutdown 


Status 


ga) System Monitor 


ge Network: Wired 
=% Using ethernet (eth) 


Clicking the View Kernel Modules link in the navigation frame displays the Kernel Module Listing 
page. On this page you can view the status of the modules that have been compiled into the Linux 
kernel on this system. Printing this page can be useful to document your system as you make 


changes or upgrades to it in the future. 


The information shown on this page is equivalent to the information in the 1smod shell command plus 


the Live information or equivalent to viewing the proc\modules file. 
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Figure 10-2 Example Kernel Module Listing Page 


Kernel Module Listing 
Name Memory t Module Users/Configuration Info Live 
Count 
nepfs 57760 1 Oxfad7 6000 
edd 9368 0 Oxfacc5000 
joydev 10304 0 Oxfacc1000 
sg 35744 O Oxfad5b000 
st 39452 © Oxfad50000 
sr_mod 16292 0 Oxfacbcooo 
ide_cd 36740 «(0 Oxfad46000 
cdrom 37148 2 sr_mod ide_cd Oxfad3bo00 
nyram 8456 0 Oxfac84000 
snd_seq_oss 31360 © Oxfaceedod 
snd_seq_midi_event 7680 1 snd_seq_oss Oxfacéa000 
snd_seq 55312 4 snd_seq_oss snd_seq_midi_event Oxfacdfooo 


Shutting Down and Restarting the Host 


Clicking the Down/Restart link in the navigation frame displays the Down/Reset Options page. You 
can use these options to shut down or reset the host. 


The following table describes the specific actions of each option. 
Table 10-3  Down/Reset Options Page Options and Actions 


Option Action 


Down Forces the host to shut down immediately. 
Reset Forces the host to shut down immediately, then warm boots the computer. 


Using either of the options additionally forces the host to perform the following actions: 


+ Update the cache buffers to disks 
+ Close all open files 


WARNING: If files are open and changes have not been saved to the host, some data loss might 
occur. Users might need to save changes locally until the host is started again. 


If the application that is being used to access the file creates a temporary file and locks the file, 
you might also need to search for and remove the temporary file. 
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For example, Microsoft Word creates a system file that begins with ~$, such as ~$myfile8.doc. 
OpenOffice and LibreOffice create a hidden file that begins with .~lock, such as 
.~lock.myfile10.odt. You can view the temporary files by selecting Manage Shares, then 
navigating the NCP volume or NSS volume to the folder where the open file is stored. 


+ Update the appropriate file system tables 


+ Exit the host from the network 


+ Unmount all file systems 


Managing Packages 


Clicking the View Package Information link displays the Packing Information page. On this page you 
can view the following information about each package that is installed on the system: 


+ Name 
+ Group 
+ Version 
+ Release 


+ Vendor 


Figure 10-3 Example Package Information Page 


Package Information 


adaptec-firmware 
adminfs 
adminfs-kmp-default 
agfa-fonts 


3 


alsa-oss 
alsa-oss-32bit 
alsa-plugins 
alsa-plugins-pulse 
alsa-utils 

ant 

apache2 
apache2-mod php53 
apache2-prefork 
apache2-utils 
apache2-worker 
apparmor-admin_en 
apparmor-docs 
apparmor-parser 
apparmor-profile-editor 
apparmor-profiles 
apparmor-utils 
aspell 

aspell-32bit 


Package Information 


Group Y 
System/Base 
Productivity/ Publishing /PS 
System /Fhs 
System /Filesystems 
System/Daemons 
Hardware/Other 
System/Filesystems 
System/ Kernel 
System/X11/Fonts 
System/Libraries 
System/Libraries 
System/ Libraries 
System/Libraries 
System/Libraries 
Productivity/Multimedia/Sound/ Players 
Development/Tools/ Building 
Productivity/ Networking /\/eb/ Servers 
Productivity/Networking/\eb/Servers 
Productivity/ Networking /\/eb/ Servers 
Productivity/ Networking /\Web/Servers 
Productivity/ Networking /\Web/Servers 
Documentation/SUSE 
Documentation/Other 
Productivity/Networking/Security 
Productivity/Editors/Other 
Productivity/Security 
Productivity/ Security 
Productivity/Text/Spell 
Productivity/Text/ Spell 


Version 
0.742 

4.13 
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2.2.47 
1.0.6 

1.35 
1.3.132 
1.3.132_3.0.101_63 
2003.03.19 
1.0.18 
1.0.17 
1.0.17 
1.0.18 
1.0.18 
1.0.18 
1.7.1 
2.2.12 
5.3.17 
2.2.12 
Zen 
2.2.12 

10.3 
2.5.1.r1445 
2.5.1.r1445 
0.9.1 

2.3 
2.5.1.r1445 
0.60.6 
0.60.6 


Release 
32.25 
1326.37.1 
6.109.1 
30.36.1 
91.25.20 
2.15.4 
0.8.26 
0.8.26 
156.21 
16.24.1 
1.15 
1.15 
7.12.23 
7.12.23 
6.32 
20.11.1 
59.1 
71.1 
59.1 
59.1 
59.1 
8.24.1 
55.68.1 
55.68.1 
268.35 
48.20.1 
55.68.1 
26.22 
26.22 


[instal MMC Search CE 


Vendor Y 


SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
Novell, Inc. 

Novell, Inc. 

SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 
SUSE LINUX Products GmbH, Nuernberg, Germany 


On the View Package Information page and subsequent pages, you can perform these tasks using 
the following procedures: 
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Table 10-4 View Package Information Page Tasks and Procedures 


Tasks Procedures 


Sort the listed packages by name, group, Click the Sort icon y at the top of the applicable column. 
or vendor 
The default sort is by name. 


View more detailed information about an Click the link for the applicable package under the Name column. 
installed package 


Remove an installed package 1. Click the link for the package under the Name column. 


2. Click Remove. 


Install a new package that you have 1. Click Install. 


downloaded to the host 2. Browse to the location where you uploaded the package to. 


The browse starts at the root of the host. 
3. Click Install. 


The selected package's file path is transferred to the RPM File Path 
field on the Package Installation page. 


When the Install button is clicked on the View Package Information 
page, Novell Remote Manager attempts to install the specified RPM 
file using the Linux RPM utility. 


The following figure shows a sample of the details you see when you click the package_name link. 


Figure 10-4 Detailed Information Page for the 3ddiag Example Package 


3ddiag 


Name : 3ddiag Relocations: (not relocatable) 

Version : 0.742 Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany 
Release : 32.25 Build Date: Tue Feb 24 01:23:14 2009 

Install Date: Thu Jun 16 11:11:19 2016 Build Host: baur 

Group : System/Base Source RPM: 3ddiag-0.742-32.25.src.rpm 

Size : 53177 License: GPL v2 or later 


Signature : RSA/8, Tue Feb 24 01:23:20 2009, Key ID e3a5c360307e3d54 
Packager : http://bugs.opensuse.org 

Summary : A Tool to Verify the 3D Configuration 

Description : 


With 3Ddiag you can verify the 3D configuration. 


Authors: 


Stefan Dirsch 
Distribution: SUSE Linux Enterprise 11 


Managing Processes 


Clicking the View Process Information link in the navigation frame displays the Process Information 


page. On this page, you can view a list of all the processes as well as their state in the host and 
perform the actions listed in the following table. 
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Table 10-5 Process Information Page Tasks and Procedures 


Tasks Procedures 


Sort the process by name (in alphabetical order Click the Sort icon y at the top of the applicable column. 
by default), by process ID, by CPU Usage, or by 
Memory Usage 


View more specific information about a listed Click the link for the applicable process under the Name 
process column. 
Kill a process 1. Click the link for the applicable process under the 
Name column. 
2. Click Kill. 


The process information is obtained from the stat file that is available for each process ID in the / 
proc directory. Process information can also be retrieved at the command line by using the Linux top 
command. 


Table 10-6 on page 83 describes the parameters reported for each process. 


Table 10-6 Process Information 


Parameter Description 

Name The process name. 

Owner The process owner; the user who started the process. 

ID (Status) The process ID of the task, and the current state of the task. The states are Sleep 


(S), Running (R), Traced (T), or Zombied (Z). These states are modified by a trailing 
< for a process with a negative nice value, N for a process with positive nice value, 
and W for a swapped-out process (this does not work correctly for kernel 
processes). 


CPU Usage % The task's share of the CPU time since the last screen update, expressed as a 
percentage of total CPU time per processor. 


Priority The priority of the task. 
Run Time The total CPU time the task has used since it started. 
Physical Memory The physical memory value is the amount of physical memory in bytes that the task 


is using. The value in parentheses (%) is the percentage of RAM memory that this 
represents. The Linux top command reports this information in kilobytes. 


Virtual Memory The virtual memory is the amount of memory in bytes that the task is using to hold 
the code, data, and stack space memory. The Linux top command reports this 
information in kilobytes. Virtual Memory is the value reported by the Rss switch for 
the top command. 
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Figure 10-5 Example Process Information Page 


Process Information 
Nane S Dem ae eal Usage % ene i Time eee Memory (%) Maey Memory 
® aioso root 10 (Sleep) 0.0% 9 0:00.00 0 (0.0%) 0 
® cron root 4429 (Sleep) 0.0% 16 0:00.00 708608 (0.0%) 1617920 
® events/o root 3 (Sleep) 0.0% 5 0:00.11 0 (0.0%) 0 
© httpstkd root 2612 {Sleep} 0.0% 16 0:10.87 6807552 (0.0%) 135266304 
®© hwscand root 3140 (Sleep) 0.0% 15 0:00.00 430080 (0.0%) 1441792 
® init root 1 (Sleep) 0,0% 16 0:05.01 249856 (0.0%) 602112 
® kacpid root 4 (Sleep) 0.0% 13 0:00.00 0 (0.0%) 0 
® kblackd/o root 5 (Sleep) 0.0% 5 0:00.00 O (0.0%) 0 
@®khelper root 6 (Sleep) 0.0% 5 0:00.00 0 (0.0%) 0 
® khubd root 2290 (Sleep) 0.0% 15 0:00,00 0 (0.0%) 0 
® klogd root 2541 (Sleep) 0.0% 16 0:00.00 606208 (0.0%) 1544192 
®© kseriod root 678 (Sleep) 0.0% 25 0:00.00 0 (0.0%) 0 
® ksoftirqd/o root 2 (Sleep) 0.0% 34 0:00.00 0 (0.0%) 0 
®@ kswapdo root 9 (Sleep) 0.0% 25 0:00.00 0 (0.0%) 0 
®© master root 4264 (Sleep) 0.0% 17 0:00.00 1478656 (0.0%) 4276224 
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10.6 Scheduling cron Jobs to Run on the Server 


Rather than entering commands on the command line to run a cron job at a specific time, you can use 
a form on the Schedule Task page to schedule cron jobs—that is, to execute commands or scripts 
(groups of commands) automatically at a specified time/date—that you want to run at this server. Any 
cron job is valid. 


Scheduling a task creates a cron job and stores it in the /etc/cron.d directory. The command is 
specified to run with the name of whatever user name you are logged in with when you add the 
command. The user name must have the necessary permissions to perform the command you add. 


IMPORTANT: When you set up cron commands, you must log into Novell Remote Manager as the 
root user. 


If no mail service is configured, you might find the output of your commands in the local mailbox 
directory as a plain text file. By default, this is /var/spool/mail/root. 
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Figure 10-6 Schedule Task Page for Scheduling Cron Jobs 


Schedule Task 
Currently Scheduled CRON Jobs: 


(REQUIRED) Description: == i sst—(<i‘“‘<‘; 3O”tS 
Command to Execute: FO 
Start Time: [oo z]: [o2 z] 
Start Day: [Thursday z] (for weekly commands) 

[September >] [20 ¥] (for one time or monthly commands) 


To schedule this timed command, click Submit | 


To reset the form, click Reset | 


To create a new scheduled command: 


1 Complete the required information on the Schedule Task page. 


Field 


Description 


Information to Provide 

Enter a brief description of the command you want to run. 
64 character limit 

Example: 

Send message to log out daily at 10 p.m. 


This description is displayed as the name of the scheduled job in the Currently 
Scheduled CRON Jobs list. 


Command to Execute 


Type the command exactly as you would at a command line. 


All cron job entry types are valid except for lists and step values. 


Start Time 


Start Day 


2 Click Submit. 


Type the time you want the command to run. 


If you want to run the command once a week, specify the day of the week, then 
place an asterisk * in the Month and Day fields. 


If you want to run the command only once or monthly, specify a Month and Day 
setting, then place an asterisk * in the Day of the Week field. 


If you want to run the command monthly, specify a Day setting, then place an 
asterisk * in the Start Day and Month fields. 


If you do not want to specify a value for a field, place an asterisk * in the field. 


After you schedule a job, it is displayed at the top of the page under the Currently Scheduled CRON 
Jobs heading. Jobs that your create manually also display in the list. 
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To change the schedule of a job that you have already scheduled: 


1 Click the link for the job you want to change. 
2 Change the schedule. 
3 Click Submit. 


To delete the schedule of a job that you have already scheduled: 


1 Click the link for the job you want to delete. 
2 Click Delete. 


To return the settings in the fields to the default settings of the current day and time, click Reset. 
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1 Managing Hardware 


11.1 


The Manage Hardware section in Novell Remote Manager (NRM) for Linux includes the following 
links to pages from which you can perform the following tasks: 


Table 11-1 Manage Hardware Section Tasks, Links, and Pages 


Task Link Page Displayed For More Info, See 

View Processor information View Processors Processor Information “Viewing Processors” on page 87 

View Interrupt information Interrupt information Interrupts “Viewing Interrupt Information” 
on page 88 

View memory I/O IO Memory I/O Memory “Viewing I/O Memory 

information Information Information Information” on page 89 

View port I/O information 10 Port Information IO Port Information “Viewing I/O Port Information” on 
page 90 


View SMBIOS information SMBIOS Information SMBIOS Information “Viewing SMBIOS Information” 
on page 91 


Viewing Processors 


Clicking the View Processors link under the Manage Hardware heading in the navigation frame 
displays the Processor Information page. On this page you can view information about each 
processor on this host. 


Information about the processor speed as well as the local cache sizes is useful in determining how 
much work a processor can do. 


This information is equivalent to the information you would see in the /proc/cpuinfo file. 


Figure 11-1 Example Processor Information Page 


Processor Information 
processor : 0 
vendor_id Genuinelntel 
cpu family 6 
model 45 
model name Intel(R) Xeon(R) CPU E5-2440 0 @ 2.40GHz 
stepping 7 
microcode 1803.000000 
cpu MHz 2400 .000 
flags fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant 


In a virtualized environment, the processor information is reported from the perspective of the server 
where you connected. 


+ Host Server: When you connect to Novell Remote Manager by using the host server IP 
address, the report contains information about all processors on the system. 
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+ Guest Server: When you connect to Novell Remote Manager by using the guest server IP 
address, the report contains information about the physical hardware in use, but only for the 
number of processors you assign to the virtual machine. 


The guest server reports the same information about a processor as if it owned the actual 
hardware on the server. The Virtual Machine Monitor component of the virtualization software 
emulates a complete hardware environment in the virtual machine for the guest server. The 
guest server OS is unaware that it shares the hardware resources with other virtual machines 
and the host. 


The actual usage statistics of the physical processors are not known by Novell Remote Manager. You 
could use the Virtual Machine Manager to see that type of information. 


11.2 Viewing Interrupt Information 


Clicking the Interrupt Information link under the Manage Hardware heading in the navigation frame 
displays the Interrupts page, which includes the following: 


Table 11-2 Interrupts Page 


Category Information Displayed 


Interrupt Interrupt number or name of an interrupt that might be generated. 
CPU number Number of interrupts that have occurred on a given processor. 
Route-Trigger Method How the interrupt is being delivered to the processor and the method of 


interrupting the processor. 


Device Name of the device driver that is generating the interrupt. 
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Figure 11-2 Example Interrupt Information Page 


Interrupts 
Interrupt CPUO Route-Trigger Method Device 
0; 4,084,188 XT-PIC timer 
ug 1,132 XT-PIC i8042 
2: O XT-PIC cascade 
5; 0 XT-PIC ehci_hcd 
8: 2 XT-PIC rte 
oF 93,026 XT-PIC acpi, libata, ethO, uhci_hcd 
10: 0 XT-PIC uhci_hcd, Intel 1CH5 
le O XT-PIC uhci_hcd, uhci_hcd 
12: 4,630 XT-PIC 18042 
14: 16,200 XT-PIC ideo 
15: 77 XT-PIC ide1 
NMI: 0 
Loc: 0 
ERR: 0 
MIS: Q 


11.3 Viewing I/O Memory Information 


Clicking the IO Memory Information link under the Manage Hardware heading in the navigation frame 
displays the I/O Memory Information page, which includes the following: 


Table 11-3 1/O Memory Information Page 


Category Information Displayed 
Memory Address I/O memory range that a given device is using. 
Device Description A description of the device that is using a given I/O memory range. 
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Figure 11-3 Example I/O Memory Information Page 


1/0 Memory Information 0 
Memory Address Device Description 

00000000-0000ffff reserved 
00010000-0009f7ff System RAM 
0009f800-0009ffff reserved 
000a0000-000bffff PCI Bus 0000:00 
000c0000-000c7fff Video ROM 
000ca000-000cafff Adapter ROM 
000cc000-000cffff PCI Bus 0000:00 
000d0000-000d3fff PCI Bus 0000:00 
000d4000-000d7fff PCI Bus 0000:00 
000d8000-000dbfff PCI Bus 0000:00 
000dc000-000fffff reserved 
000f0000-O00ffffF System ROM 
00100000-bfeeffff System RAM 
01000000-014755a6 Kernel code 
014755a7-O1bdcfff Kernel data 
01d38000-01feafff Kernel bss 
2f000000-36ffffff | Crash kernel 
bfef0000-bfefefff | ACPI Tables 
bfeff000-bfefffff ACPI Non-volatile Storage 
bff00000-bfffffff System RAM 
c0000000-febfffff PCI Bus 0000:00 


11.4 Viewing I/O Port Information 


Clicking the IO Port Information link under the Manage Hardware heading in the navigation frame 
displays the I/O Port Information page, which includes the following: 


Table 11-4 IO Port Information Page 


Category Information Displayed 
IO Address Shows the I/O port range that a given device is using. 
Device Description Shows the name of the device that is using a given I/O port range. 
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11.5 


Figure 11-4 Example I/O Port Information Page 


1/0 Port Information 


1/0 Port Information 


10 Address Device Description 


0000-001 f 
0020-0021 
0040-005f 
0060-006f 
0070-0077 
0080-008f 
00a0-00a1 
00c0-00df 
00f0-00 ff 

0170-0177 
010-01 f7 

02f8-02ff 

0376-0376 
0300-03df 
03f6-03f6 


Viewing SMBIOS Information 


Clicking the SMBIOS Information link under the Manage Hardware heading in the navigation frame 


dmat 
pict 
timer 
keyboard 
rtc 

dma page reg 
pic2 
dmaz2 

fpu 

ide1 

ideo 
serial 
ide1 
vesafb 


ideo 


displays the SMBIOS Information page. On this page, you can view details about the BIOS hardware 


in each host without physically removing the hardware cover. You also have access to information 
that is available only through the management system. 


Each link shows the type of device that is available in the BIOS of the host computer. 


You might see information types such as the following. The types displayed vary depending on the 


hardware in your system. 


¢ BIOS 

è System 

+ Base Board 

¢ System Enclosure or Chassis 
+ Processor 

e Cache 

+ Port Connector 

¢ System Slots 

+ On Board Device 
¢ OEM Strings 

+ BIOS Language 
Ħ System Event Log 
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+ Physical Memory Array 

+ Memory Device 

¢ Memory Array Mapped Address 
+ Memory Device Mapped Address 
+ Hardware Security 

+ System Boot 


Selecting an information type displays information contained within SMBIOS for the type selected. 
For example, to see all the BIOS information, click the BIOS Information link. See Figure 11-5. 


Figure 11-5 Example SMBIOS and BIOS Information Pages 


SMBIOS Information 
SMBIOS Information 


Information Type BIOS Information 


¢ BIOS Information 


System Information 
Base Board Information 


System Enclosure or Chassis 
Processor Information 
Memory Controller Information 


Memory Module Information 
Cache Information 


Port Connector Information 
System Slots 

On Board Device Information 
OEM Strings 

System Configuration Options 
BIOS Language Information 
Group Associations 

System Event Log 

Physical Memory Array 

Memory Device 

32-bit Memory Error Information 
Memory Array Mapped Address 
Memory Device Mapped Address 
Portable Battery 


Vendor: Phoenix Technologies LTD 
Version: 6.00 
Release Date: 09/30/2014 
Address: OxE9A40 
Runtime Size: 91584 bytes 
ROM Size: 64 kB 
Characteristics: 
ISA is supported 
PCI is supported 
PC Card (PCMCIA) is supported 
PNP is supported 
APM is supported 
BIOS is upgradeable 
BIOS shadowing is allowed 
ESCD support is available 
Boot from CD is supported 
Selectable boot is supported 
EDD is supported 
Print screen service is supported (int 5h) 
8042 keyboard services are supported (int 9h) 
Serial services are supported (int 14h) 
Printer services are supported (int 17h) 
CGA/mono video services are supported (int 10h) 
ACPI is supported 
Smart battery is supported 
BIOS boot specification is supported 
Function key-initiated network boot is supported 
Targeted content distribution is supported 
BIOS Revision: 4.6 
Firmware Revision: 0.0 
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2 Using Group Operations 


The Use Group Operations section in Novell Remote Manager (NRM) for Linux includes the following 
links to pages from which you can perform the following tasks: 


Table 12-1 Use Group Operations Tasks, Links, and Pages 


Task 


Access an existing group 


Link 


Select Group 


Page Displayed 


Select Group 


For More Information 


“Accessing an Existing 
Group” on page 99 


Build and configure a new 
monitoring group 


Change an existing group 


Define or edit Group 
Monitoring types 


Configure New Group 


Select Group 


NRM Health Types 


Group Monitoring 
Operations 


Select Group 


Novell Remote Manager 
Health Monitoring Engine 
(NRM Health Types) 


“Building and Configuring 
a Monitoring Group” on 
page 94 


“Changing an Existing 
Group” on page 99 


“Defining or Editing Group 
Monitoring Types” on 
page 102 


Delete an existing group 


Select Group 


Select Group 


“Deleting an Existing 
Group” on page 100 


Scan the network for 
items to monitor on the 
network. 


Configure New Group > 
right-click > click Network 
Discovery 


Network Discovery 


“Discovering Items on the 
Network to Monitor” on 
page 103 


Generate and view server 


Configure New Group > 


Group Monitoring 


“Generating and Viewing 


reports right-click > click Save Operations Server Reports” on 
Group page 100 
Save a new group Configure New Group > Save Group “Saving a Group” on 


right-click > click Save 
Group 


page 98 


View group operations 
monitored items 


View Monitored Items 


Novell Remote Manager 
Health Monitoring Engine 
- Monitored Items 


” 


“Viewing Monitored Items 
on page 101 


View group operations 
defined NRM health types 


NRM Heath Types 


Novell Remote Manager 
Health Monitoring Engine 
- NRM Health Types 


“Viewing Group 
Monitoring Types” on 
page 101 


Using the group features involves performing one or more of the following tasks: 


1. Building and Configuring a Monitoring Group (page 94). 


2. (Optional) Saving a Group (page 98). 


You only need to perform this step if you want to use the group at a later time. 


3. Generating and Viewing Server Reports (page 100). 
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The monitoring operations start immediately. Other tasks, such as running reports require 
additional steps. 


4. (Conditional) Accessing an Existing Group (page 99). 


12.1 Building and Configuring a Monitoring Group 


Novell Remote Manager lets you build and configure groups of items for monitoring Linux server or 
NetWare server health, as well as providing various statistics for servers running other operating 
systems. A few of the preconfigured monitoring item types are NRM Health Status for a single server 
or a group of servers, Ping to a specific port, IP connectivity, LDAP Directory Root Search, and status 
of connectivity to a web page. 


Monitoring items can be defined and represented by an icons on a page as shown in the following 
figure. The icons can represent a single item or a group of items. 


Figure 12-1 NRM Server Health Example Group 
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To build and configure a new monitor group: 


1 Click the Configure New Group link in the navigation frame. 


2 Right-click the Group Monitoring Operations page. 


TIP: If your browser does not support right-click functionality, try double-clicking the Reports icon 


in the upper right corner of the page. 
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You should see a pop-up similar to the following: 


Add Item 

Configure New Group 
Full Screen 

Group Configuration 
Network Discovery 


Refresh 

Save Group 

Select Group 

Show Hidden Items 

NRM Reports & Operations 


The menu options are: 


Ad 


Ad 


+ 


+ 


Ad 


Add Item 

Configure New Group 

Full Screen 

Group Configuration 
Network Discovery 
Refresh 

Save Group 

Select Group 

Show Hidden Items 

NRM Reports & Operations 


3 Click Add Item, and do the following: 
3a Complete the Monitoring Item Configuration form. 


Add New Monitor Item 


Monitoring Item Configuration 


Name | Monitoring Type NRM Health Monitor v 
Item | 
Address/ URL l For haai 
Hide Normal ' 
Status ~ 
Text Color | Default ¥ Text Background Default ¥ 
Color 
Use single sign on NRM credentials w 
| Add | | Cancel | 
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For each item you add to a group or want to change from the default setting (health 
monitor), complete the following options on the Monitoring Item Configuration form. 


Option 


Monitoring Type 


Details 


Specify one of the following types: 


+ Label: Text information to use as a label on the group monitor display. 
Lets you identify each group specifically as needed. 


+ LDAP Directory Root Search: Shows the response when trying to 
ping port 389 of the specified LDAP server. Credentials are not used. 
This is useful to monitor the status of your LDAP servers in your 
network. 


+ NRM Group: Shows the health status of a group of servers. Lets you 
access the specific health page for each server in the group. 


+ NRM Health Monitor: Shows the health status of each server in the 
group. Lets you access the specific health page for each server in the 
group. 


+ Ping (ICMP): Shows the response when sending ping requests to the 
specified DNS name or IP address. 


+ TCP/IP Port Query: Shows response activity of a designated TCP/IP 
service. This query attempts to make a TCP connection to the 
specified address and port. Returns green (good) health if any 
services is listening. For example, you could set up a health 
monitoring item to tell you whether your GroupWise server is still 
listening for logins from clients. The only states that are returned are 
green (good), which means the connection was successful, and red 
(bad), which means the connection was not successful. 


+ Web page: Shows the response when trying to determine if the 
communication is working to a server that hosts a website. It does not 
monitor specific websites on the server. It does not monitor whether 
the web service is running. Specify only the portion of the web address 
(URL) that a DNS server can resolve to an IP address; do not include 
a subdirectory. For example, specify www.novell.com, but not 
www.novell.com/support. If you specify a subdirectory, the DNS 
name cannot be resolved, and a Can’t Connect health status is 
reported. 


Name 


Item Address/URL 


Provide a descriptive name for the item. 


Specify the IP address for the server that you want to monitor or ping, or 
specify the DNS name of the server that hosts the web page. 


The address can be an IP address or DNS name. 


Do not specify the HTTP:// portion of a URL. 


Port 


The default is provided. You can type a different port to use. 


Use Single Sign on 
NRM Credentials 


When selected (default), the credentials used to access this items’ data are 
the same as the credentials that the user logged into Novell Remote 
Manager with. 


When deselected, enter the credential necessary to access the item in the 
User Name and Password fields. 


Hide Normal Status 


When selected, only items that are in an abnormal state are displayed. 


If you want to monitor all statuses, leave the check box deselected. 
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Option Details 


Text Color Black is the default. You can select any other color from the drop-down list. 
Text Background Clear is the default. You can select any other color in the drop-down list. 
Color 


You can also define your own monitoring types or edit the default defined health types by 
editing the XML data in /opt /novell /nrm/NRMGroupHealthInfo file. For more information, 
see “Defining or Editing Group Monitoring Types” on page 102. 


3b Click Add. 
3c Drag the monitor items to the desired location. 


3d Repeat Step 3a through Step 3c for each item that you add. 


4 (Optional) If you want to change any of the following, change the configuration of the group: 


5 


5 


The label for the group 

The graphic displayed 

The refresh rate 

The suspect and critical email notification for the group 


Right-click the customized Group page, then click Group Configuration. 


Complete the fields as desired on the Group Operations Configuration form. 
Group Operations Configuration 

Display Options 

Monitor Page Title 

Background Graphic NRMDefaultGroupMap.JPG Y 

Refresh Rate 30 Seconds 

Apply | 

Option Description 
Display The display options let you control the following: 


+ Monitor Page Title: Specify a title to be shown at the top of the monitor 
page in the header area when the page is built. 


Refresh Rate: Specify the number of seconds between status queries to 
the server. 


Background Graphic: Select a graphic from the drop-down list for the 
monitor items to be displayed on. This option can be helpful if you want to 
show specific locations of the item being monitored. 


If you want to add a customized graphic, add it to the /opt /novell/nrm/ 
NRMGroupMaps directory. 


4c Click Apply. 


5 Perform the desired task, or save the group and perform the task later. 


In this release, the only task you can perform on Linux servers is to compare the server up times. 
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6 (Optional) If you want to reuse the group, save the group. 
6a Right-click the customized Group page, then click Save Group. 
We recommend using a name that represents the group you built. 


6b (Conditional) If you haven’t saved any groups, you might need to extend the schema for 
NRM group operations before you can save the group. 


Extending the schema is required only once per eDirectory tree. If the host is connected to 
a pre-existing NetWare 6.5 or later network, then extending the schema is not necessary. 


6c Click Save Group and perform the required steps to save the group to a local server or save 
it and associate it with an eDirectory object. 


See “Saving a Group” on page 98. 


12.2 Saving a Group 


You can save the configuration of the group so you can access this page again without completing 
the configuration options. You can save a group to the local server or associate with an eDirectory 
object and save it. 


12.2.1 Saving the Group to the Local Server 


1 While viewing the group you just created or edited, right-click the customized Group page, then 
click Save Group. 


2 Inthe Group Name field, specify a name for the group or select a group name that you want to 
replace from the group list. 


We recommend using a name that represents the group you built. 
3 Click Save Group. 


This saves the group to a file with that name in the /opt /novell/nrm/NRMGroups directory. 


12.2.2 Saving the Group and Associating It with an eDirectory 
Object 


You can save a group and associate it with a User or Group eDirectory object. This is helpful when 
you want to access the configuration and you don’t want to save the configuration to a specific server 
(for example, if the server is down but you want it to be part of the operation or if you want to run the 
operation while one of the servers is not functioning properly). 


Only one group can be associated to an object. 
1 While viewing the group you just created or edited, right-click the customized Group page, then 
click Save Group. 


2 Inthe Make This the Group Monitor for This Object field, specify a User or Group object that you 
want to associate this group with. 


You can browse to the user or group by clicking the Browse link icon or by typing the full content 
name of the object. 


3 Click Save Group. 
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12.3 


12.4 


Accessing an Existing Group 


After a group has been saved to the server, you can access the group again to run reports or change 


the attributes of the group. 


1 Click the Select Group link in the navigation frame. 


2 On the Server Group page, select the desired group from the drop-down list. 


3 Click Build Group. 


Changing an Existing Group 


After accessing an existing group (see “Accessing an Existing Group” on page 99), you might want to 
change it using one of the following procedures. 


Table 12-2 Changing an Existing Group Tasks and Procedures 


If you want to 


Change the configuration of an existing 
group. 


Then 


1. Select the group. 


2. Right-click the page, then click Group Configuration. 


3. Make the desired changes in the Group Operations 
Configuration form. 
4. Click Apply. 
5. Save the group. (See “Saving a Group” on page 98.) 
See the details of the server health or the 1. Select the group. 
monitoring type. 2. Select the item you want to see the details for. 
3. Double-click the Health Status icon. 
Edit an existing item in the group. 1. Select the group. 
2. Select the item you want to edit. 
3. Right-click the selected item. 
4. Click Edit. 
Delete a server or monitor item from a group. 1. Select the group. 
2. Select the item you want to delete. 
3. Right-click the selected item. 
4. Click Delete. 
Change the display to a full screen in your 1. Select the group. 
browser window. 2. Right-click the page. 
3. Click Full Screen 
4. When you are finished viewing the group, close the 


browser window. 
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12.5 Deleting an Existing Group 


To delete a group: 


1 Click the Select Group link in the navigation frame. 
2 On the Server Group page, select the desired group from the drop-down list. 
3 Click Delete Group. 


12.6 Generating and Viewing Server Reports 


Running Server Comparison reports on a group of servers can help you in determine which servers 
need to be updated or have configurations changed, why operations on that server might be sluggish, 
or which servers are receiving the most action. 


In this release, you can run only one report, the “Compare Server Up Time Report” on page 100. 


12.6.1 Compare Server Up Time Report 


100 


Run this report to see which servers might need replacing or tuning to keep them running longer. This 
report gives you an idea how long each server in the group has been running without being restarted. 


1 Build the monitor group or select a group previously saved. 


See “Building and Configuring a Monitoring Group” on page 94 or “Accessing an Existing Group” 
on page 99. 


2 Right-click the customized Group page. 
3 Click NRM Reports & Operation. 


NRM Group Operations and Reports 


Novell Remote Manager Server Information 


Reports Operations 


Es Compare Server Up Times 


NRM Servers 


OES-Linux-s2 
OES-Linux-s1 


4 Click Compare Server Up Times. 
A report similar to the following is returned. 
Server Up Time Report 
Server Up Time 


@ OES-Linux-s2 16 days 06 hours 05 minutes 46 seconds 
@ OES-Linux-s1 14 days 22 hours 58 minutes 08 seconds 


© server has been up less than one hour, 
© Server has been up less than one day. 
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12.7 Viewing Monitored Items 


If you have several groups defined and you want to see which items are being monitored from this 
server without opening each group, click View Monitored Items. 


Figure 12-2 Monitored Items 


Novell Remote Manager Health Monitoring Engine 


Monitored Items 


item Name Type Address Last Check Time Monitoring Start Time 
© avalon NRM Agent 127.0.0.1:8008 Mon Jan 6 14:42:35 2014 Mon Jan 6 14:42:35 2014 


| Reset item List | 


This page lists of all of the items currently being monitored by the Novell Remote Manager overall 
health monitoring engine on this server. For information about how this status is calculated for a 
server, see the following: 


¢ For OES 11 SP2 and later servers, see “Viewing the Overall Server Health Status” on page 46 


If an item has not been monitored for more than 3 minutes, it is removed from the list. 


Table 12-3 Health Monitoring Engine Monitored Items 


Column Description 
Status Shows the overall health indicator icon for the item 
Item Name The name assigned to the item when it was defined in a Novell Remote Manager 


health monitoring group. 


Type The type of item being monitored, such as NRM health, ping status, web page. 


Address The third column is the address that Novell Remote Manager uses to check the 
items health status. 


Last Check Time The last time that a Novell Remote Manager group requested the health status of 
this item. 
Monitoring Start Time The that health monitoring was started for this item. 


If this server’s utilization is high due to the monitoring occurring on this server, you might consider 
moving some of the monitoring to another location. 


12.8 Viewing Group Monitoring Types 


Clicking the NRM Health Types link in the navigation frame displays the Novell Remote Manager 
Health Monitoring Engine - NRM Health Types content. This page gives you an overview of the Group 
Monitoring types that are defined on the current host. The legend shows the statuses you might see 
when you are monitoring groups of hosts with various monitored items and is a graphical view of the 
items defined in the /opt /novell/nrm/NRMGroupHealthInfo file. 
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Figure 12-3 The Default NRM Health Monitoring Engine - NRM Health Types Content Definitions 
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Defining or Editing Group Monitoring Types 


If you want to add a Group Monitoring type to the group monitoring that is not defined or change the 
label of any of the predefined types, you can access the /opt/novell/nrm/NRMGroupHealthInfo 
file and make changes to it. 


Each item is defined between the beginning and ending NRM_Health_Item_Definition XML tags as 


shown below. 
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<NRM_Health Item Definition> 
<Type Name>PING</Type Name> 
<Display_Name>Ping (ICMP) </Display_Name> 
<Platform>Linux</Platform> 
<Health Test> 
<Command_Line> 
ping -cl -W1 %ITEM_ADDR | grep "bytes from" 1>/dev/null 
</Command_Line> 
<Result> 
<Value>0</Value> 
<Result_Icon>/sys/login/NRMcanping.gif</Result_Icon> 
<Return_Value>HEALTH STATUS UP</Return_Value> 
<Click_Commandsping -c4 %ITEM_ADDR</Click_Command> 
</Result> 
<Result> 
<!Value>0</!Value> 
<Return_Value>HEALTH_ STATUS CANT CONNECT< /Return_Value > 
<Click_Commandsping -c4 -W1 %ITEM ADDR</Click_Command> 
</Result> 
</Health_ Test> 
</NRM_ Health Item Definition> 


12.10 Discovering Items on the Network to Monitor 


If you want to scan the network for specific services, you can access the Network Discovery page and 
specify the host and ports that should be scanned for. After discovering the items on the network, you 
can click the item and add it to the current group for future monitoring. 


Using this feature can help you to quickly gather the information you need to create monitoring 
groups. 


To access this page, do the following: 


1 Inthe navigation frame, click Use Group Operations > Configure New Group or Select Group. 
2 Right-click the applicable group page displayed. 
3 Verify that the browser you are using will accept pop-up dialog boxes. 
4 Click Network Discovery. 
The Network Discovery page is displayed: 


NetWork Discovery 


Network Scan Parameters 


DNS Name/IP Address [137.65.59.103 Subnet Mask |255.255.255.0 | 
Scan available Hosts(ping/ICMP Echo) 
Scan for Web Servers(port 80) 
Scan for LDAP Servers(port 389) 
Scan for Novell Remote Manager Servers(part 8008/8009) 
Scan for Services(user supplied port) port: | 
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To perform the scan, do the following: 


1 Access the Network Discovery page. 


2 Do the tasks specified in the following table: 


The Network Scan Parameter fields determine which hosts or ports should be scanned. 


The DNS Name / IP Address field is an IP address is used with the subnet mask to determine the 
range of IP addresses to be scanned. These fields default to the IP address of the current Novell 
Remote Manager host and a class C subnet mask. For example, if you wanted to scan for all the 
active hosts in the class B range of 137.65 subnet, you might set the IP address to 137.65.1.1 


and the subnet mask to 255.255.0.0. 


Instead of scanning for all hosts that respond on the network, you can scan for hosts with 


specific services available. 


Task 


Scan the network for hosts that are responding to 
ICMP Echo Requests in the network within a 
specified subnet. 


Procedure 


1. Accept the default IP address or DNS name 
and subnet mask information or change it. 


2. Click Subnet Scan. 


Scan the network for hosts with port 80 open and 
listening for connections (Web Servers) within a 
specified subnet. 


1. Accept the default IP address or DNS name 
and subnet mask information or change it. 


2. Click Web Server Scan. 


Scan the network for hosts with port 389 open and 
listening for connections (LDAP Servers) within a 
specified subnet. 


1. Accept the default IP address or DNS name 
and subnet mask information or change it. 


2. Click LDAP Server Scan. 


Scan the network for hosts with port 8009 open and 
listening for connections (Hosts with Novell Remote 
Manager configured for the default ports) within a 
specified subnet. 


1. Accept the default IP address or DNS name 
and subnet mask information or change it. 


2. Click NRM Agent Scan. 


Scan the network for hosts with user_defined_port 
open and listening within a specified subnet. 


1. Accept the default IP address or DNS name 
and subnet mask information or change it. 


2. Click Service Scan. 


After scanning for a desired service, a Network Discovery page is displayed showing results for 


all hosts with the ports. 


You can do the following task with the information returned: 


Task Procedure 


See more information 1. Click the Web Service More Info icon for the applicable host on the 


about the scanned host. 


Network Discovery page. 


2. View the information on the page that is returned. 


Add the host to the 1 
current group. 


. Click the Add Item to Group icon ¿f for the applicable host on the 
Network Discovery page. 


2. Complete the required information on the Add New Monitor Item page, 


then click Add. 


Most of the information is completed by default. 
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Managing NCP Services 


This section provides an overview of tasks that can be performed when the NCP Server and Dynamic 
Storage Technology plug-in is installed in Novell Remote Manager. 


For information about using and managing NCP Server and NCP volumes on Novell Open Enterprise 
Server (OES) 11 SP3, see the OES 11 SP3: NCP Server for Linux Administration Guide. 


For information about using and managing NSS volumes on OES 11 SP3, see the OES 11 SP3: NSS 
File System Administration Guide for Linux. 


The Manage NCP Services section in Novell Remote Manager for Linux includes the following links to 
these pages: 


Table 13-1 Links for Managing NCP Services 


Link Page Displayed For More Information 


View Inventory Reports NCP Inventory Reports Section 13.3, “Generating 
Inventories for Directories or NCP 
+ Generate report Volumes,” on page 121 


+ Display last report 


View Trustee Reports NCP Trustee Reports Section 13.6, “Generating and 
Viewing NCP Trustee Reports for 
+ Generate report NSS Volumes,” on page 129 


+ Display last report 


Manage Shares NCP Shares “Managing NCP Volumes” in the 


OES 11 SP3: NCP Server for Linux 
+ Active shares listing for NSS Administration Guide 


volumes and NCP volumes 


+ Information about shares, 
including open files 


+ Create new share 
+ Delete existing share 


+ NCP/NSS bindings 


Manage Server NCP Manage Server “Managing NCP Server” in the OES 


11 SP3: NCP Server for Linux 
+ Server parameters for NCP Administration Guide 


Server 


+ Global policy parameters for 
Dynamic Storage Technology 
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Link Page Displayed For More Information 


Manage Connections Connections “Managing Connections for NCP 
Volumes and NSS Volumes” in the 
+ Connection information OES 11 SP3: NCP Server for Linux 
(statistics) Administration Guide 
+ Broadcast message to 
everyone 


+ Connection listing 


+ Detailed information about a 
connection, including open 
files 


View Logs NCP System Logs “Log Files” in the OES 11 SP3: NCP 
Server for Linux Administration 
+ Logs Guide 


* ncpserv.log 
* ncp2nss.log 
+ Audit logs 
* ncpserv.audit.log 
* ncp2nss.audit.log 


* SYS.audit.log 
<volume_name>.audit.log 
View Statistics NCP Statistical Information 


+ Server information “NCP Server Statistics” in the OES 
11 SP3: NCP Server for Linux 


* Server statistics Administration Guide 


View Diagnostic Information NCP Diagnostic Information Chapter 8, “Diagnosing Problems 
Using Ganglia and Nagios (OES 11 
+ NCP engine SP3),” on page 45 


+ NSS interface daemon 


From these pages you can perform the following tasks: 


¢ Section 13.1, “Quick Reference for the NCP Server Plug-In for Novell Remote Manager for 
Linux,” on page 106 

¢ Section 13.2, “Browsing NSS Volumes and Performing Actions on Them,” on page 112 

¢ Section 13.3, “Generating Inventories for Directories or NCP Volumes,” on page 121 

¢ Section 13.4, “Generating a Custom Inventory Report from a File Inventory Report,” on page 127 

¢ Section 13.5, “Performing Actions on Files from Custom Reports,” on page 128 


¢ Section 13.6, “Generating and Viewing NCP Trustee Reports for NSS Volumes,” on page 129 


13.1 Quick Reference for the NCP Server Plug-in for 
Novell Remote Manager for Linux 


¢ Section 13.1.1, “NCP Volumes (NCP Shares),” on page 107 
¢ Section 13.1.2, “NCP Server Parameters,” on page 108 
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¢ Section 13.1.3, “NCP Server Connections,” on page 108 

¢ Section 13.1.4, “NCP Trustee Reports,” on page 109 

¢ Section 13.1.5, “NCP Logs and Audit Logs,” on page 109 

¢ Section 13.1.6, “NCP Server Statistics,” on page 110 

¢ Section 13.1.7, “NCP Server Diagnostics,” on page 110 

¢ Section 13.1.8, “Dynamic Storage Technology,” on page 111 


13.1.1 NCP Volumes (NCP Shares) 


Table 13-2 describes the management tasks available for the Manage NCP Services > Manage 
Shares task in Novell Remote Manager for Linux. 


Table 13-2 Manage NCP Services > Manage Shares 


Subtasks Management Tasks 


Share Name link Browse files and directories. 


View and set file system attributes for files and directories on NSS 
volumes. 


View file information. 


View directory information. 


Mount/Unmount Mount NCP volumes and NSS volumes to make them available to NCP 
clients. 


Unmount NCP volumes and NSS volumes to make them unavailable to 
NCP clients. 


Info icon NCP share information, such as the Linux file system path for the volume, 
file system type, NCP volume ID, status, capacity, and cache statistics. 


Open files listed for each NCP connection. 
Add a shadow volume for the NCP volume. 


For unmounted DST shadow volumes, click the Info icon to remove the 
shadow volume relationship. Removing a shadow volume removes the 
entry in the ncpserv.conf file, but does not delete the volumes that make 
up the shadow volume. 


Create new share Creates an NCP volume name (share) on a Linux POSIX file system 
(Ext3, XFS, or Reiser), and associates it to a path on your server. You are 
prompted for a volume (share) name and a path to the volume. This 
creates a mount point to the volume you specify and makes it accessible 
to NCP clients. 


IMPORTANT: You cannot use this method to create an NSS volume. 
You must use NSS tools to create and manage NSS volumes on Linux. 


Delete existing share Removes the NCP volume and path association for NCP volumes on 
Linux POSIX file systems (Ext3, XFS, or Reiser). This does not remove or 
delete data from the directory; it removes only the volume mount point 
that was created for the NCP share. 
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Subtasks Management Tasks 


NCP/NSS bindings View or modify whether NSS volumes are NCP accessible. If they are not 
accessible, the EXCLUDE_VOLUME volumename command is added to the 
/etc/opt/novell/ncp2nss.conf file. 


Use this option for NSS volumes on clusters where the load script 
handles NCP mount of NSS volumes. 


Use this option for NSS volumes that you want to use as the secondary 
storage area in a Dynamic Storage Technology shadow volume. 


13.1.2 NCP Server Parameters 


Table 13-3 describes the management task available for the Manage NCP Services > Manager Server 
task in Novell Remote Manager for Linux. 


Table 13-3 Manage NCP Services > Manage Server 


Subtasks Management Tasks 
Server Parameter Information View NCP Server parameters for the SET command and their current 
values. 


Click the Parameter Value link to modify the value. For a list of 
parameters and their default values, see “Configuring Global NCP Server 
Parameters’in the OES 11 SP3: NCP Server for Linux Administration 
Guide. 


13.1.3 NCP Server Connections 
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Table 13-4 describes the management tasks available for the Manage NCP Services > Manage 
Connections task in Novell Remote Manager for Linux. 


Table 13-4 Manage NCP Services > Manage Connections 


Subtasks Management Tasks 


Connection information View connection statistics. 


Clear all Not Logged In connections. 


Connection listing View a list of connections. 


Click the name link for the connection to view statistics for the connection 
and a list of its open files. 


Clear selected connections. 


Name link for the connection View statistics for the connection. 


View the network address, status, privileges, and security equivalence for 
a logged-in-user. 


Send a message to the selected connection. 
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Subtasks Management Tasks 


Broadcast messages to everyone Broadcast messages to all logged-in NCP users. The 
DISABLE BROADCAST parameter must be disabled (value of 0) in order for 
broadcast messages to be sent. Users must be using a Novell Client 
version that supports receiving broadcast messages, and the client must 
be configured to receive messages. 


13.1.4 NCP Trustee Reports 


Table 13-5 describes the management tasks available for the Manage NCP Services > View Trustee 
Reports task in Novell Remote Manager for Linux. 


Table 13-5 Manage NCP Services > View Trustee Reports 


Subtasks Management Tasks 


Generating an NCP Trustee report View the NCP Trustee Report. A volume’s trustee report shows the rights 


for NSS volumes settings by folder for each user or group that is a trustee on the NSS 
volume. 

Viewing a saved NCP Trustee View the last saved trustee report for an NSS volume. 

report 


The saved report provides the same trustee rights information that was 
available when the report was created. 


Emailing a saved NCP Trustee For OES 11 SP1 and earlier, email an NCP volume’s trustee report to 
report addresses that are configured in the httpstkd. conf file. 


13.1.5 NCP Logs and Audit Logs 


Table 13-6 describes the management tasks available for the Manage NCP Services > View Logs 
task in Novell Remote Manager for Linux. 


Table 13-6 Manage NCP Services > View Logs 


Subtasks Management Tasks 


Logs Download and view the ncpserv.log and ncp2nss.1log. 
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Subtasks Management Tasks 


Audit logs Download and view the following audit logs: 


* ncpserv.audit.log 


All the operations performed by NCP Engine are logged into this file 
in XML format. For example, add trustee, remove trustee, volume 
mount and dismount, NSS event handler startup/shutdown, add/ 
remove volume, create shadow volume, security sync, and kill NCP 
connections. No file operations are logged in this file. 


* ncp2nss.audit.log 


The following ncp2nss events are logged into this file: 


Open command file, write command file, ncp2nss daemon halted, 
ncp2nss daemon running, NSS not detected, domain socket not 
created, domain socket not accessible, uneb not started, failed to 
import uneb symbols, failed to create uneb processing thread, ndp 
library not started, failed to import ndp library symbols, and failed to 


initialize ndp library. 


+ SYS.audit.log 


* volumename.audit.1log (an audit log is listed for each NSS volume) 


13.1.6 NCP Server Statistics 


Table 13-7 describes the management tasks available for the Manage NCP Services > View Statistics 


task in Novell Remote Manager for Linux. 


Table 13-7 Manage NCP Services > View Statistics 


Subtasks Management Tasks 


Server information View server name, server version, and product version. 


View the number of connections. 


Server statistics View server statistics such as up time, traffic, and caching memory use. 


13.1.7 NCP Server Diagnostics 
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Table 13-8 describes the management tasks available for the Manage NCP Services > Diagnostic 


Information task in Novell Remote Manager for Linux. 


Table 13-8 Manage NCP Services > Diagnostic Information 


Subtasks Management Tasks 


NCP engine View statistics for NCP events. 


Click the Process ID (PID) link to view information about the currently 


running process. 
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Subtasks Management Tasks 
NSS interface daemon View statistics for NSS events. 


Click the Process ID (PID) link to view information about the currently 
running process. 


13.1.8 Dynamic Storage Technology 


Table 13-9 describes the management tasks available for the View File Systems > Dynamic Storage 
Technology Options task in Novell Remote Manager for Linux. 


Table 13-9 View File Systems > Dynamic Storage Technology Options 


Subtasks Management Tasks 
Volume information View a list of NCP volumes and NSS volumes on the server. 


Click the Add Shadow link next to an NSS volume to view share 
information, where you can create a shadow volume. (NCP volumes are 
not supported as shadow volumes.) 


Click the Inventory link next to a shadow volume to view an inventory 
report for both the primary and secondary volumes. 


Click the View Log link next to an NSS volume to download a copy of the 
audit log for the selected volume. 


Add Shadow link This option takes you to the Share Information page. Scroll down to the 
Volume Tasks area to find the Add Shadow Volume task. 


The Share Information page and Add Shadow Volume page do not 
distinguish or validate whether the volumes you choose are actually 
supported file systems and available combinations. 


WARNING: NSS volumes must already exist when you create the 
shadow volume. The Create if not present option is available for future 
support of NCP volumes on Linux file systems. Do not use this option for 
NSS volumes. 


Inventory link View statistics and graphical trend displays for the volume’s files and 
directories. For a DST shadow volume, the report includes information for 
both the primary storage area (primary area) and the secondary storage 
area (shadow area). 


Volume information (Info icon) NCP share information, such as the Linux file system path for the volume, 
file system type, NCP volume ID, status, capacity, and cache statistics. 


Open files listed for each NCP connection. 
Add a shadow volume for the NCP volume. 


For unmounted DST shadow volumes, click the Info icon to access the 
dialog to remove the shadow volume relationship. This removes the entry 
in the ncpserv.conf file, but does not delete the volume itself. 


To unmount a shadow volume, click Manage NCP Services > Manage 
Shares, then click Unmount option next to the shadow volume. 
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Subtasks Management Tasks 


Dynamic Storage Technology Create a new policy. 
policies . . = E 
View a list of existing policies. 
Click the Policy Name link to modify or delete the policy. 


Duplicate file resolution options Set a global policy for how to handle duplicate files. 


ShadowFS configuration Set a global policy for whether to automatically start FUSE and Shadow 
File System at boot time. 


13.2 Browsing NSS Volumes and Performing Actions 
on Them 


The NCP Server plug-in to Novell Remote Manager appears as “Manage NCP Services” in the left 
panel. NCP volumes and NSS volumes are listed as NCP Shares. 


For detailed information about creating and managing NCP volumes, see the OES 11 SP3: NCP 
Server for Linux Administration Guide. 


For detailed information about creating and managing NSS volumes, see the OES 11 SP3: NSS File 
System Administration Guide for Linux. 


For detailed information about creating and managing Dynamic Storage Technology shadow volume 
pairs with NSS volumes, see the OES 11 SP3: Dynamic Storage Technology Administration Guide. 
¢ Section 13.2.1, “Viewing Information about an NSS Volume,” on page 112 


¢ Section 13.2.2, “Viewing the Linux POSIX Details of an NSS Directory and Performing Specific 
Actions on It,” on page 114 


¢ Section 13.2.3, “Viewing the Linux POSIX Details of a File and Performing Specific Actions on 
It,” on page 115 


¢ Section 13.2.4, “Browsing an NSS Volume and Setting Rights and File System Attributes on 
Directories and Files,” on page 116 


¢ Section 13.2.5, “Salvaging and Purging Deleted Files on an NSS Volume,” on page 120 
¢ Section 13.2.6, “Purging a Deleted NSS Volume,” on page 120 
¢ Section 13.2.7, “Viewing Open File Information for an NSS Volume,” on page 121 


13.2.1 Viewing Information about an NSS Volume 


1 In Novell Remote Manager, select Manage NCP Services > Manage Shares. 


2 Inthe right pane, view the list of mounted NSS volumes in the Active Shares list. 
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3 Next to the volume name, click the Information icon (®) to go to the volume’s Share Information 
page. 


VOLD Share Information 
Description Value 
File system path imedia/nss/VOLD 


File system shadow path n/a 
Loaded name spaces DOS LONG 
File system type NSS 

NCP volume ID 2 


mounted 
online 
salvageable 


Status 
user quotas 
directory quotas 
Sector Size 512 
Sectors per Cluster 8 
Capacity 496.52 MB 
Used space 592 KB 


Advanced Information | View 


| Open File Information | 


| Salvageable File List | 


Volume tasks 


Available Actions 
| Add Shadow volume | 


| Purge Volume | 


Perform Inventory 


| Share Management Home | 


4 Inthe Information table, view the following information about the NSS volume: 
¢ File system path on Linux, such as /media/nss/VOLD 
Click the link to browse the directories and files on the volume. 


¢ File system shadow path, such as /media/nss/SH_VOLD (A path is displayed only when the 
specified NSS volume is the primary volume of a Dynamic Storage Technology shadow 
volume pair.) 


Click the link to browse the directories and files on the pair’s secondary volume. 
+ Loaded name spaces, such as DOS, LONG, MAC, and UNIX 
¢ File system type (NSS) 
+ NCP volume ID 


The NCP volume ID is a value between 0 and 254 that is automatically assigned for 
standalone volumes, beginning with zero. The Sys volume is by default assigned 0, and 
_Admin is assigned 1. For shared volumes, the volume ID is specified in the cluster load 
script for shared volumes, beginning with 254 and down. 


+ Status 
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Identifies whether the volume is mounted/unmounted, online/offline, or in a cluster resource. 
It lists the NSS volume attributes that are enabled for the volume, such as Salvageable, 
User Quotas, Directory Quotas, and so on. 


¢ Sector size 

¢ Sectors per cluster 

+ Capacity 

+ Used space 

+ Advanced information (Click View to view.) 


Local cache Parameter Value 
trustee count 0 
cached files 2 
evicted files 0 
cached folders 5 
cache retrieved 19 


cache retrieved locked 0 


Pool name NSS POOL_D 
Pool attributes NSS 0x13 
GUID NSS e3b410a4-f2fa-01 e1-80-00-O0c8fSf6d1 d22 


+ Local cache 
+ Trustee count 
+ Cached files 
¢ Evicted files 
+ Cached folders 
+ Cache retrieved 
+ Cache retrieved locked 
+ Pool name 
+ Pool attributes 
¢ GUID 
+ Open File Information (Click to view.) 


¢ Salvageable Files (Click to view.) 


13.2.2 Viewing the Linux POSIX Details of an NSS Directory and 
Performing Specific Actions on It 


1 Click the View File System Listing link in the navigation frame, or click a Mount Location name 
link on the Home page. 


2 On the Directory list page, browse to the /media/nss/<volume_name> directory and through its 


subdirectories to the directory, then click the Directory Information icon to the left of the 
directory name. 


3 On the Directory Information page that is displayed, view the information about the file: 
+ Directory owner 


+ Group 
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+ Data modified time 

+ Last accessed time 

¢ Information change time 

¢ Linux POSIX read/write/execute directory attributes. 


IMPORTANT: Do not use these settings for NCP and NSS volumes. Use the NCP view of 
the volume to set the Novell Trustee Model attributes. 


4 Perform any of the following tasks: 


Delete Directory and Contents | 


Rename Directory | |mediainss/V OL Didir1 /dir2 


Create Subdirectory | | | 


Create Symbolic Link | | ] 


+ Delete Directory and Its Contents: Click this option to delete the selected directory and 
the subdirectories and files in it. 


+ Rename Directory: Specify the full Linux path to the directory, including the new directory 
name, then click Rename Directory. 


¢ Create Subdirectory: Specify the name of the new subdirectory, then click Create 
Subdirectory. 


+ Create Symbolic Link: Specify the name for the symbolic link, then click Create Symbolic 
Link. 


13.2.3 Viewing the Linux POSIX Details of a File and Performing 
Specific Actions on It 


1 Click the View File System Listing link in the navigation frame, or click a Mount Location name 
link on the Home page. 


2 On the Directory list page, browse to the /media/nss/<volume_name> directory and through its 
subdirectories to the file, then click the File Info icon to the left of the file name. 
3 On the File Information page that is displayed, view the information about the file: 
+ File owner 
+ Group 
+ Data modified time 
+ Last accessed time 
+ Information change time 
+ Linux POSIX read/write/execute file attributes. 


IMPORTANT: Do not use these settings for NCP and NSS volumes. Use the NCP view of 
the volume to set the Novell Trustee Model attributes. 


4 Perform any of the following tasks: 
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Edit | Delete | Rename | [/home;test.emacs 


Create Hard Link | | 
Create Symbolic Link | | 


Edit: The Edit button is available only on simple text files or on files with the extensions 
listed in the /opt /novell/nrm/nrmedit .txt file. If you want to save the file with an ANSI 
or UTF-8 encoding, select the appropriate option and click OK. 


Delete: Click Delete to delete the selected file. 


Rename: Specify the full Linux path to the file, including the new file name, then click 
Rename. 


Create Hard Link: Specify the hard link path, then click Create Hard Link. 
Create Symbolic Link: Specify the symbolic link path, then click Create Symbolic Link. 


13.2.4 Browsing an NSS Volume and Setting Rights and File 
System Attributes on Directories and Files 


1 In Novell Remote Manager, select Manage NCP Services > Manage Shares. 


2 Inthe right pane, view the list of mounted NSS volumes in the Active Shares list. 


3 Click the volume Name link to view a folder list and to browse the files on the NSS file system. 


Click the arrows in the column headings to sort the list by name, type (file extension), size, or last 
modified date and time. 


4 Use the links above the file list to perform the following actions on the volume: 


+ 


d 


+ 


Ad 


Upload 
Text Search 
File Search 
Inventory 


For information, see Section 13.3, “Generating Inventories for Directories or NCP Volumes,” 
on page 121. 


5 Click a directory’s Directory Information icon fq to view information about the directory. You can 
also create subdirectories. 


VOLD:/dir1 


[Back to directory listing for: VOLD/dir1) 


Directory entry information: 


Owner -avalon.novell 

Creation date and time Mon Jun 20 13:57:12 2016 
Effective rights SRWCEMFA 

Inherited rights fitter SRWCEMFA 


Salvageable files: None 


| Create Subdirectory | New name 


+ Owner 
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+ Creation date and time 


¢ Effective rights (based on the Novell Trustee Model) 


¢ Inherited rights filter (based on the Novell Trustee Model). You can click the link to modify 
the rights inheritance filter settings. 


+ 


Salvageable files 


6 Click a directory’s Attributes link to view or modify the NSS file system attributes that are set for 
the directory. Click OK to save your changes. 


VOLD:/dir1 
Folder Attributes Description 
a System If checked, this indicates a system file or folder. 
oO eE If checked, this indicates that this file or folder is excluded from 
normal directory searches. 
go Archive If checked, this indicates that the file or folder needs to be archived. 


+ 


+ 


C] immediate Purge 


Don't Compress 


0O Don't Migrate 


— 
Delete Inhibit: 


O Rename Inhibit: 


J Immediate Compress 


| OK || Reset | 


System 

Hidden 

Archive 
Immediate purge 
Do not compress 
Do not migrate 
Delete inhibit 
Rename inhibit 


Immediate compress 


If checked, this indicates that when this file or folder or the folder 
contents are deleted and are unrecoverable. 


If checked, this indicates that this file or the contents of the folder 
cannot be compressed.. 


If checked, this indicates that this file or folder cannot be migrated to 
near line storage.. 

If checked, this indicates that this file or folder cannot be deleted. 

If checked, this indicates that this file or folder name cannot be 
renamed. 


If checked, this indicates that this file or the folder contents will be 
scheduled for compression.. 


For information about the meaning and usage of NSS file system attributes for directories, see 
“Understanding Directory and File Attributes for NSS Volumes” in the OES 11 SP3: File Systems 
Management Guide. 
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7 Click a file’s File Information icon [& to view the following file information. You can also delete 
the file from this page by clicking Delete File. 


VOLD:/SLES-deployment_en.pdf 
[Back to directory listing for: MOLD 


File information 
Owner -admin.novell 
Last modified date and time Mon Jun 20 13:57:12 2016 
Creation date and time Fri Jun 24 18:43:40 2016 
Last archived date and time Fri Nov 30 00:00:00 1979 


Effective rights SRWCEMFA 
Inherited rights filter SRWCEMEA 
Disk space in use 4,845,095 Bytes 
| Delete File | 
+ Owner 


+ Last modified date and time 

+ Creation date and time 

+ Last archived date and time 

+ Effective rights (based on the Novell Trustee Model) 


¢ Inherited rights filter (based on the Novell Trustee Model). You can click the link to modify 
the rights inheritance filter settings. 


¢ Disk space in use 
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8 Click a file’s Attributes link to view or modify the NSS file system attributes that are set for the 
file. Click OK to save your changes. 


VOLD:/SLES-deployment_en.pdf 


+ 


+ 


File Attributes 


System 
Hidden 


Read Only 


Archive 


Immediate Purge 


Don't Compress 


Don't Migrate 


Delete Inhibit: 


Rename Inhibit: 


Shareable 


Don't SubAlloc 


Execute Only 


Transactional 


OLIO REO O O oO O Lee Oo 


Copy Inhibit 
| OK || Reset | 


System 
Hidden 
Read only 
Archive 


Immediate purge 
Do not compress 


Do not migrate 
Delete inhibit 
Rename inhibit 


Immediate compress 


Shareable 


Do not suballocate 


Execute only 
Transactional 


Copy inhibit 


Immediate Compress 


Description 
If checked, this indicates a system file or folder. 


If checked, this indicates that this file or folder is excluded from normal 
directory searches. 


If checked, this indicates that this file cannot be deleted or modified.. 


If checked, this indicates that the file or folder needs to be archived. 
If checked, this indicates that when this file or folder or the folder contents 
are deleted and are unrecoverable. 


If checked, this indicates that this file or the contents of the folder cannot 
be compressed.. 

If checked, this indicates that this file or folder cannot be migrated to near 
line storage.. 


If checked, this indicates that this file or folder cannot be deleted. 


If checked, this indicates that this file or folder name cannot be renamed. 
If checked, this indicates that this file or the folder contents will be 
scheduled for compression.. 


If checked, this indicates that this file may be used by multiple users at the 
same time.. 


If checked, this indicates that this file may not utilize sub-allocation for 
space saving.. 


If checked, this indicates that this file may only be excuted as a program, 
no modifications will be allowed to the file. 


If checked, this indicates that Transactional tracking of data will enabled. 


If checked, this indicates that this file may not be copied. 


For information about the meaning and usage of NSS file system attributes for directories, see 
“Understanding Directory and File Attributes for NSS Volumes” in the OES 11 SP3: File Systems 
Management Guide. 
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13.2.5 Salvaging and Purging Deleted Files on an NSS Volume 


From an NSS volume’s Share Information page, the Salvageable File List option allows you to view a 
list of deleted files that are available for salvage or purge on the volume. Deleted files are available 
only for NSS volumes where the Salvage attribute is enabled. For information about the NSS file 
salvage feature, see “Volume Salvage versus File Salvage” in the OES 11 SP3: NSS File System 
Administration Guide for Linux. 


1 In Novell Remote Manager, select Manage NCP Services > Manage Shares. 


2 Inthe right pane, view the list of mounted NSS volumes in the Active Shares list. 


3 Next to the volume name, click the Information icon (I) to go to the volume’s Share Information 
page. 

4 Below the Information table, click Salvageable File List to open the Salvage File Information 
page. 


Salvage File Information 
Back to directory listing for: VOLD 


| Purge all files | 
Salvageable files 
Salvage Purge Name Size Last modified date and time Deletor 
— —— j 
| Salvage ||| Purge || si es.installquick_en.pdt 4446726 Mon Jun 20 13:57:12 2016 = „admin.novell 


5 Salvage or purge files in the list: 


If the deleted file resided in a directory that has been deleted, you must first salvage the deleted 
directories in the path. Salvage each lower directory in turn until you have salvaged the deleted 
directory that contained the file. You can then search for the deleted file in the salvaged directory. 


+ The Purge all files option allows you to purge all deleted files on the selected volume. 
+ The Salvage option allows you to recover a deleted file. 
+ The Purge option allows you to purge a deleted file. 


You can also select a deleted directory and use this option to purge the deleted directory 
and all of the deleted subdirectories and files that it contains. 


13.2.6 Purging a Deleted NSS Volume 


For volume salvage, the NSS volumes are automatically retained on deletion. The deleted volume 
can be salvaged for a period of time that is determined by the server-level Logical Volume Purge 
Delay setting. Administrators with the Supervisor right can salvage or purge deleted volumes at any 
time before the purge delay elapses. For information about the NSS volume salvage feature, see 
“Volume Salvage versus File Salvage” in the OES 11 SP3: NSS File System Administration Guide for 
Linux. 


1 In Novell Remote Manager, select Manage NCP Services > Manage Shares. 


2 Inthe right pane, view the list of mounted NSS volumes in the Active Shares list. 


3 Next to the volume name, click the Information icon (I) to go to the volume’s Share Information 
page. 
4 Scroll down to the Volume Tasks table, then click Purge Volume. 
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13.2.7 


13.3 


Viewing Open File Information for an NSS Volume 


1 In Novell Remote Manager, select Manage NCP Services > Manage Shares. 
2 Inthe right pane, view the list of mounted NSS volumes in the Active Shares list. 


3 Next to the volume name, click the Information icon (I) to go to the volume’s Share Information 
page. 
4 Below the Information table, click Open File Information to open the Open File Information 
page. 
5 View the following information about files on the NSS volume: 
+ Connection 


For information, see “Managing Connections for NCP Volumes and NSS Volumes” in the 
OES 11 SP3: NCP Server for Linux Administration Guide. 


+ User name 


+ Open file list 


Generating Inventories for Directories or NCP 
Volumes 


With this feature, you can inventory NCP mounted volumes or general file system directories. You 
can also view graphs, profiles, reports, and key statistics about each of these items, including space 
usage trends. 


Generating this report can take a while, depending on the number of files and folders in the specified 
directory path. 


With a few clicks, you get available space trend graphs; profiles for file types, file owner, last 
accessed, last modified, creation time, and file size; and links to specific reports for each of these. 
You can also customize the scan to look for specific file information. 


The File Owner Profile gathers the ownership statistics from the NSS management interface. If the 
eDirectory user name is available from the NSS management interface, the file owner is reported as 
the eDirectory user name, such as jsmith. Otherwise, the owner is reported as the nobody user. It is 
not required that you enable the users with Linux User Management (LUM) to get the file owner’s 
name. 


This section includes the following tasks: 


¢ Section 13.3.1, “Generating a File Inventory Report,” on page 122 

¢ Section 13.3.2, “Generating an NCP Volume Inventory Report,” on page 124 

¢ Section 13.3.3, “Viewing a Saved NCP Inventory Report,” on page 126 

¢ Section 13.3.4, “Emailing a Saved NCP Inventory Report (OES 11 SP1),” on page 126 
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13.3.1 Generating a File Inventory Report 


To generate an inventory report for an entire server or any subdirectory, including mounted NCP 
volumes: 
1 Click View File System > General File System Inventory. 


You can also click the Inventory link at the top of the View File System Listing page, and on 
subsequent pages as you navigate through the file system subdirectories. 


This opens the General File Inventory page. By default, the / (root) directory is selected. 


Maa | | Ls 


lali 
& longbourn S EAA TO JOL eae E E E E ee A E E... 
+] Diagnose General File Inventor 
= View File System Choose Subdirectory to Inventory: 
View File System Listing | Start Scan | |/ 


View Partition Information 
General File Inventory 


NCP Volume Inventory Browse Subdirectories: 
Dynamic Storage Technology selinux 
Options usr 
opt 
+ Manage Linux CORE-CIFS 
# Manage Hardware libé4 
+ Use Group Operations boot 
a x admin 
+] Manage NCP Services ane 
+] Manage CIFS Services — 
+ Manage AFP Services etc 
proc 
Prasad 
media 
lost+found 
lib 
dev 
tm 
sbin 
mnt 
sv 
root 
bin 
sys 


2 From this point, you can do the following: 


Click the Start Scan button to generate an inventory of the entire server (the default selection is 
the / [root] subdirectory). 


or 


Select a subdirectory to generate a report from. Click the subdirectory_name links until the 
desired subdirectory appears in the Scan field, then click the Start Scan button. 


General File Inventory 


Choose Subdirectory to Inventory: 
| Start Scan | /etc/xinetd.d 


Browse Subdirectories: 
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If you are viewing the File System Listing page for the desired directory, you can generate the 
same reports by clicking the Inventory link on this page. 


A report similar to the following is generated: 


General File Inventory 


Inventory Report for: /etc/xinetd.d 
Report generated on Mon Jul 18 17:33:01 2016 
Elapsed Time(seconds): 0 


Key Statistics Totals 

File type profiles Total Subdirectories: 1 

File owner profiles Total Files: 

Last modified profiles otal Files: 20 

Last accessed profiles Space In Use: 0 MB 

Change time profi les Space Available: 7,533 MB 

File size profiles = rofiles File Types: 1 

Links to specific reports = æ 

Custom Directory Tree Scan Soft Link Files: 0 
Soft Link Subdirectories: 0 


File type profiles: 
Data Tables: 


File Types (By Bytes In Use) 


At this point, you can click any of the links to the left of the Key Statistics table to move quickly to the 
generated information, or you can create a custom report. See “Generating a Custom Inventory 
Report from a File Inventory Report’ on page 127. 
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13.3.2 Generating an NCP Volume Inventory Report 


1 Use either of the following methods to generate an NCP Volume Inventory Report: 
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+ Select Manage NCP Services > Volume Inventory Reports, locate the NSS volume in the 
list, then click Create in the Generate Report column for the volume. 


® Diagnose 

= View File System 
Manage Linux 
Manage Hardware 

# Use Group Operations 
= Manage NCP Services 


NCP Inventory Reports E! 


View Last Report] Generate Report | eMail Report 


VOLI 
VOL_S 
sys 


Display Create Send 
H1 Display 


Display 


Create 
Create 


¢ Select View File System > NCP Volume Inventory, then select the name link of an available 


NCP volume in the list. 


This opens the Volume Inventory page that shows all of the mounted NCP and NSS 
volumes available for inventory. 


View File System 
View File System Listing 
View Partition Information 
General File Inventory 
NCP Volume Inventory 


Dynamic Storage Echnology 
Options 


Volume Inventory 


NCP Volumes Available for Inventory 


Volume Mount Point 
sys (/usr/novell/sys) 
NCPVOL (home) 

VOL D (/media/nss/VOL_D) 
VOL F (/media/nssVOL_F) 
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2 View the generated report. 
A report similar to the following is generated: 


Volume Inventory 


Inventory Report for: /usr/novell/sys 
Report generated on Mon Jul 18 17:42:59 2016 
Elapsed Time(seconds): 0 


: . Key Statistics Totals 

oe. Total Subdirectories: 35 

File owner promles A - 

Last modified profiles Total Files: 389 

Last accessed profiles Space In Use: 21 MB 

change time profiles ge une profiles Space Available: 7,533 MB 

File size profiles ; . 

Links to specific reports heat Types: 2 i 

Custom Directory Tree Scan Soft Link Files: o 
Soft Link Subdirectories: 0 


File type profiles: 
Data Tables: 


File Types (By Bytes In Use) 


At this point, you can click any of the links to the left of the Key Statistics table to move quickly to the 
generated information, or you can create a custom report. See “Generating a Custom Inventory 
Report from a File Inventory Report” on page 127. 
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13.3.3 Viewing a Saved NCP Inventory Report 


An inventory report is saved when you run an inventory on an NCP volume. 
To view the last saved report: 


1 Go to the Manage NCP Services > Volume Inventory Reports page. 
2 Click the View Last Report > Display option for the volume. 


The saved report provides the same statistics as running View File Systems > NCP Volumes 
Inventory. Graphics are not available in a saved report. 


Œ Diagnose NCP Inventory Reports 
E View File System 
Manage Linux vou Display Create Send 
Œ Manage Hardware Vvol_sH1 Berle Cisate Send 

sys Display Create Send 


Use Group Operations 
= Manage NCP Service 


orts 


13.3.4 Emailing a Saved NCP Inventory Report (OES 11 SP1) 


In OES 11 SP1 and earlier, you can use the Send option in the Email Report column to send an NSS 
volume’s last saved NCP inventory report to addresses that are configured in the /etc/opt /novell1/ 
httpstkd.conf file. For information about setting up email addresses for Novell Remote Manager, 
see Section A.3, “Email Notification Commands (OES 11 SP1 and Earlier),” on page 162. 


IMPORTANT: The Novell Remote Manager email notification system is not available in OES 11 SP2 
and later. 


To send the report: 


1 Go to the Manage NCP Services > Volume Inventory Reports page. 
2 Inthe Email Report column, click the Send option for the volume. 
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13.4 Generating a Custom Inventory Report from a File 
Inventory Report 


After generating an inventory report for a volume or directory, you can create a customized scan to 
report more specific information and perform additional actions on the files selected in the report, 
such as move, copy, or delete. 


1 Create the initial report as specified in “Generating a File Inventory Report” on page 122. 


2 Inthe generated report, click the Custom Directory Tree Scan link. 
A page similar to the following is returned: 


Custom Directory Tree Scan 
Search Pattern: eu 
File Owner Restriction: None ¥ 


Time Stamp Restrictions: 


Time Stamp: 
Last Modified Time 
Last Accessed Time 
Last Changed Time 
Range: 


Within Last Day 

1 Day - 1 Week 

1 Week - 2 Weeks 
2 Weeks - 1 Month 
1 Month - 2 Months 
2 Months - 4 Months 
4 Months - 6 Months 
6 Months - 1 Year 

1 Year - 2 Years 
More than 2 Years 


File Size Restriction: 
Less than 1KB 
1KB-4KB 
4 KB - 16 KB 
16 KB - 64 KB 
64 KB - 256 KB 
256 KB - 1 MB 
1MB-4MB 
4 MB - 16 MB 
16 MB - 64 MB 
64 MB - 256 MB 
More than 256 MB 


Start Scan 


3 Type the specific search criteria in the Search Pattern field. 
*.* is the default entry. 
4 Select the desired settings in the File Owner Restriction drop-down box. 
None is the default selection. 
5 Select the check boxes desired to customize the report by Time Stamp or File Size restrictions. 


No restrictions is the default setting. 
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13.5 


13.5.1 


13.5.2 


6 Click Start Scan. 
A page similar to the following is returned: 


Inventory Detail Report ? 


Primary Directories 


Inventory Detail Report for: /usr/novell/sys 
All files matching selected filter: 


Check All || Uncheck All || Delete Checked Files 
_Move Checked Files To: | 


Copy Checked Files To: 


q /usr/novell/sys/SYS Inventory.html 
OWNER: root, Size: 10,391 (10.1 KB), Modified: Tue 19 Jul 2016 08:10:42 PM IST, Accessed: Fri 17 Jun 2016 11:35:14 AM IST, Changed: Tue 19 Jul 2016 08:10:42 PM IST, 


Ñy /usr/novell/sys/LOGIN/MAP.EXE 
OWNER: root, Size: 269,247 (262.9 KB), Modified: Wed 19 Nov 1997 09:56:44 AM IST, Accessed: Wed 19 Nov 1997 09:56:44 AM IST, Changed: Thu 16 Jun 2016 10:53:25 AM IST, 


q /usr/novell/sys/LOGIN/NLS/1254 UNI.001 
OWNER: root, Size: 727 (727), Modified: Fri 20 Mar 1998 01:02:30 PM IST, Accessed: Fri 20 Mar 1998 01:02:30 PM IST, Changed: Thu 16 Jun 2016 10:53:25 AM IST, 


Ñ} susr/novell/sys/LOGIN/NLS/936_UNI.001 
OWNER: root, Size: 48,072 (46.9 KB), Modified: Tue 15 Dec 1998 09:08:16 AM IST, Accessed: Tue 15 Dec 1998 09:08:16 AM IST, Changed: Thu 16 Jun 2016 10:53:25 AM IST, 


Performing Actions on Files from Custom Reports 


After a custom report is generated, you can perform the following actions on the files listed in the 
report for the selected volume. 


¢ Section 13.5.1, “Moving Selected Files,” on page 128 


+ 


Section 13.5.2, “Copying Selected Files,” on page 128 


+ 


Section 13.5.3, “Deleting Selected Files,” on page 129 


+ 


Section 13.5.4, “Opening or Downloading a File,” on page 129 


+ 


Section 13.5.5, “Managing Individual Files,” on page 129 


Moving Selected Files 


1 From the generated report, select the check box to the left of each file that you want to move. To 
move all files in the list, click the Check All button. 


2 Specify the path where you want to move the selected files in the field to the right of the Move 
Checked File To button. 


The target path must be to a location on the same volume. 
3 Click the Move Checked File To button. 


Copying Selected Files 


1 From the generated report, select the check box to the left of each file that you want to copy. To 
copy all files in the list, click the Check All button. 


2 Specify the path where you want to copy the selected files in the field to the right of the Copy 
Checked File To button. 
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The target path must be to a location on the same volume. 
3 Click the Copy Checked File To button. 


13.5.3 Deleting Selected Files 


1 From the generated report, select the check box to the left of each file that you want to delete. To 
delete all files in the list, click the Check All button. 


2 Click the Delete Checked Files button. 


13.5.4 Opening or Downloading a File 


1 From the generated report, select the file_name link for the file you want to open or download. 


2 From the resulting dialog box, select Open With or Save to Disk, then click OK. 


13.5.5 Managing Individual Files 


1 From the generated report, click the File Information icon. 


2 To perform the desired action (edit, delete, rename, create hard link, or create symbolic link) for 
the file, specify the required information in the applicable field, then click the applicable button. 


The target path for the action must be to a location on the same volume. 


Edit | Delete | Rename | [/home;test.emacs 


Create Hard Link | | 
Create Symbolic Link | | 


13.6 Generating and Viewing NCP Trustee Reports for 
NSS Volumes 


Under Manage NCP Services, the View Trustee Reports option opens the NCP Trustee Reports page 
where you can generate a trustee report for a specified NSS volume. This includes Dynamic Storage 
Technology shadow volumes that are comprised of two NSS volumes. You can display the last 
trustee report in the web browser. A trustee report shows the rights settings by folder for each user or 
group that is a trustee on the NSS volume. 


In OES 11 SP1 and earlier, you can also send the report to the email addresses that you have pre- 
configured for Novell Remote Manager. 


¢ Section 13.6.1, “Generating an NCP Trustee Report,” on page 130 
¢ Section 13.6.2, “Viewing a Saved NCP Trustee Report,” on page 130 
¢ Section 13.6.3, “Emailing a Saved NCP Trustee Report (OES 11 SP1),” on page 130 
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13.6.1 Generating an NCP Trustee Report 


1 Log in to Novell Remote Manager as the root user. 


2 Inthe left navigation panel, select Manage NCP Services > View Trustee Reports to open the 
NCP Trustee Reports page. 


NCP Trustee Reports 
View Last Report 

V3 Display Create 

V2 Display Create 

vi Display Create 


3 On the NCP Trustee Reports page, locate the NSS volume in the list, then click its Create link in 
the Generate Report column. 


4 View the NCP Trustee Report. 


A volume’s trustee report shows the rights settings by folder for each user or group that is a 
trustee on the NSS volume. For example, the following trustee report shows the rights for a 
folder in a Dynamic Storage Technology shadow volume. 


Shadow Volume Trustee Report 


Primary Volume Tree: /media/nss/V1 
Shadow Volume Tree: /media/nss/V 1SHADOW 
Report generated on Fri Jul 16 18:28:14 2016 


/media/nss/V1/folderjim 
Rights: _RWCEMFA User / Group .CN=nonlumuserr2.O=novell. T=TULIP. 


Elapsed Time(seconds): 14 


13.6.2 Viewing a Saved NCP Trustee Report 


You can view the last saved trustee report for an NSS volume. The saved report provides the same 
trustee rights information that was available when the report was created. 

1 Log in to Novell Remote Manager as the root user. 

2 Inthe left navigation panel, select Manage NCP Services > View Trustee Reports. 


3 Locate the NSS volume of interest in the list, then click its Display link in the View Last Report 
column. 


13.6.3 Emailing a Saved NCP Trustee Report (OES 11 SP1) 


In OES 11 SP1 and earlier, you can use the Send option in the Email Report column to send an NSS 
volume’s last saved NCP trustee report to addresses that are configured in the /etc/opt /novell/ 
httpstkd.conf file. For information about setting up email addresses for Novell Remote Manager, 
see Section A.3, “Email Notification Commands (OES 11 SP1 and Earlier),” on page 162. 
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IMPORTANT: The Novell Remote Manager email notification system is not available in OES 11 SP2 
and later. 


To send a saved report: 


1 Log in to Novell Remote Manager as the root user. 
2 In the left navigation panel, select Manage NCP Services > View Trustee Reports. 


3 Locate the NSS volume of interest in the list, then click its Send link in the Email Report column. 
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Managing Dynamic Storage Technology 


Options 


This section provides an overview of tasks that can be performed when the NCP Server and Dynamic 
Storage Technology plug-in is installed in Novell Remote Manager. 


For information about using and managing Dynamic Storage Technology on Novell Open Enterprise 
Server (OES) 11 SP3, see the OES 11 SP3: Dynamic Storage Technology Administration Guide. 


For information about using and managing NSS volumes on OES 11 SP3, see the OES 11 SP3: NSS 


File System Administration Guide for Linux. 


The View File System > Dynamic Storage Technology Options section in Novell Remote Manager for 


Linux includes the following links to these pages: 


Table 14-1 Links for Dynamic Storage Technology Options 


Link 


View File Systems > Dynamic Storage Technology 
Options > Volume Information 


Actions 
Volume Share Information 


+ View file system shadow path 
+ Add shadow volume 


See “Adding a Shadow to the Primary NSS 
Volume (Linking the NSS Volumes)” in the OES 
11 SP3: Dynamic Storage Technology 
Administration Guide. 


View File Systems > Dynamic Storage Technology 
Options > Shadow Status 


View File Systems > Dynamic Storage Technology 
Options > Inventory 


+ Shadowed 
+ Add Shadow 


See “Adding a Shadow to the Primary NSS 
Volume (Linking the NSS Volumes)” in the OES 
11 SP3: Dynamic Storage Technology 
Administration Guide. 


Inventory creates inventory for the primary volume, 


secondary volume, and merged view of volumes. See 


“Generating a File Inventory for DST Shadow 
Volumes” in the OES 11 SP3: Dynamic Storage 
Technology Administration Guide. 
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Link 


View File Systems > Dynamic Storage Technology 
Options > Dynamic Storage Technology Policies 


Actions 


¢ View a list of DST policies. 


+ View summary information about when it was last 
executed and the total files moved. 


¢ Select the policy to view or modify the policy 
settings. 


¢ Select the policy, scroll to the bottom of the Policy 
page, then click Delete. 


See “Viewing DST Policies and Policy Status” in the 
OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


View File Systems > Dynamic Storage Technology 
Options > Create a new policy 


See “Creating and Managing Policies for Shadow 
Volumes” in the OES 11 SP3: Dynamic Storage 
Technology Administration Guide. 


View File Systems > Dynamic Storage Technology 
Options > Stop all running policies 


See “Stopping a Running Policy” in the OES 11 SP3: 
Dynamic Storage Technology Administration Guide. 


View File Systems > Dynamic Storage Technology 
Options > Duplicate file resolution options 


¢ Broadcast conflict message to user 
+ Action to be taken 
+ Show duplicate shadow files (default) 
+ Hide duplicate shadow files 
+ Rename duplicate shadow files 
+ Delete duplicate files from shadow area 


+ Move duplicate shadow files to / 
. DUPLICATE FILES 


See “Resolving Instances of Duplicate Files” in the 
OES 11 SP3: Dynamic Storage Technology 
Administration Guide. 


View File Systems > Dynamic Storage Technology 
Options > Loading Shadow FS 


See “Using ShadowFS to Provide a Merged View for 
Novell Samba Users” in the OES 11 SP3: Dynamic 
Storage Technology Administration Guide. 


Manage NCP Services > Manage Shares > NCP 
Shares 


NCP Shares 


+ NCP/NSS bindings 


+ Volume Information > Volume Tasks > Add 
Shadow Volume 


+ Unmount > Volume Information > Volume Tasks 
> Remove Shadow 


For information about adding and removing shadow 
volume pairs, see “Creating and Managing DST 
Shadow Volumes for NSS Volumes” in the OES 11 
SP3: Dynamic Storage Technology Administration 
Guide. 
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Link Actions 


Manage NCP Services > Manage Server NCP Manage Server 


+ Global policy parameters for Dynamic Storage 
Technology 


DUPLICATE_SHADOW_FILE_ACTION 
DUPLICATE_SHADOW_FILE_BROADCAST 
REPLICATE_PRIMARY_TREE_TO_SHADOW 
SHIFT_ACCESSED_SHADOW_FILES 
SHIFT_DAYS_SINCE_LAST_ACCESS 
SHIFT_MODIFIED_SHADOW_FILES 


For more information about how these settings 
affect shadow volume pairs on the server, see 
“Configuring DST Global Policies” in the OES 11 
SP3: Dynamic Storage Technology 
Administration Guide. 
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Managing CIFS Services 


The CIFS-NRM plug-in to Novell Remote Manager allows you to manage connections and open files 
on NSS volumes for a CIFS server. When you install Novell CIFS, the plug-in adds the Manage CIFS 
Services section in NRM. With the file monitoring options, you can view details of open files and close 
open files by connection or by file. The tasks can be performed on NSS volumes where you have 
configured CIFS shares by using Novell CIFS. 


For information about using and managing CIFS services on Novell Open Enterprise Server (OES) 11 
SP3, see the OES 11 SP3: Novell CIFS for Linux Administration Guide. 


For information about using and managing NSS volumes on OES 11 SP3, see the OES 11 SP3: NSS 
File System Administration Guide for Linux. 


The Manage CIFS Services section includes the following links to CIFS server management pages: 


Table 15-1 Links for Manage CIFS Services 


Link Page Displayed 
Manage Connections CIFS Connections 
View Logs CIFS System Logs 


+ libnrm2cifs.log 


+ cifs.log 


Manage Open Files CIFS Open File Management 


+ Connection information (statistics) 
+ Connection listing 


+ Detailed information about a connection, including open 
files 


From these pages you can perform the following tasks: 


¢ Section 15.1, “Managing CIFS Connections,” on page 137 
¢ Section 15.2, “Viewing Log Information,” on page 138 
¢ Section 15.3, “Managing Open Files,” on page 138 


15.1 Managing CIFS Connections 


By querying or listing all open connections, you can understand how many sessions are opened at 
any moment. The details for each connection include the session ID, client IP address, user name, 
user login time, consolidated list of read/write requests, access mode, and total number of other 
requests received. You can drill-down to extract per-connection details, such as the group that the 
user is a member of. 
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Table 15-2 CIFS Connection Parameters 


Parameter 


Access mode 


Description 


Indicates the mode in which the CIFS server has opened the file on behalf of the user. 
This field displays information that the CIFS server has interpreted from the data 
received as part of both the Access Mask field and the Share Access field in the 
SMB_COM_NT_CREATE_ANDxX request. 


DD 


Indicates that the right to delete or rename the file is denied for all other connections. 


Desired access 


Specifies the access modes that the client has requested. 


DR Indicates that the right to read data from the file is denied. 

DW Indicates that the right to write data into the file is denied. 

ND Indicates that the right to delete or rename the file is denied for this connection. 
RD Indicates that the right to read data from the file is granted. 


Shared access 


Specifies the sharing modes that the client has requested; that is, how the file should 
be shared with other users. 


WR 


Indicates that the right to write data into the file is granted. 


1 Log in to Novell Remote Manager as the root user. 


2 Click Manage CIFS Services > Manage Connections to display the CIFS Connections page. 


3 You can perform the following tasks for open connections on a CIFS server: 


¢ Status of Open Connections: The CIFS Connection List table displays the connection 
number, name of user accessing the connection, reads and writes for each connection, 
CIFS requests by each connection, and login details for the connection. 


+ View Connection Information: Click the connection name to view more details for a 
specific connection. 


15.2 Viewing Log Information 


1 Log in to Novell Remote Manager as the root user. 


2 Click Manage CIFS Services > View Logs to display the CIFS System Logs page. 


3 You can view the following logs for the CIFS server: 


¢ libnrm2cifs.log: Logs debug messages associated with the CIFS-NRM plug-in. Click the 
file to view the messages. 


¢ cifs.log: Logs information, warning, and error messages associated with the CIFS server. 
Click the file to view the messages. 


15.3 Managing Open Files 


You can use the file listing options to view the following information: 


¢ All open files for a particular NSS volume 


¢ All open files by a connection 


¢ All users who have open file handles for a particular file 


138 OES 11 SP3: Novell Remote Manager Administration Guide 


You can use the file closing options to close the following: 


¢ All open files for a particular NSS volume 
¢ All open files by a particular connection 
+ All open file handles associated with a particular file 
If the user tries to perform any operation on an open file that was closed by using the management 


tool, the changes might appear the next time the file is opened, depending on the application. 
However, the data that was saved before the file is closed will be intact. 


WARNING: Administrative closure is not the recommended way to close files. It is provided as a tool 
to administrators to force close files. 


1 Log in to Novell Remote Manager as the root user. 

2 Click Manage CIFS Services > Manage Open Files to display the CIFS Open File Management 
page. 

3 The CIFS Volume lists the mounted NSS volumes. 

4 You can perform the following tasks for files that are open on the selected NSS volume: 


+ Status of Open Files: The List of Open Files table displays the connection number, name 
of user accessing the file, and path of the file. The files are listed for the selected NSS 
volume. You can also set a filter for displaying the specific file type for that volume. 


+ Close Files: Select the files you want to close, then click Close. This closes the file 
immediately and allows no other file operations to be performed. Ensure that you inform the 
user before closing the file, to allow the user time to save the file; otherwise, the user might 
lose unsaved data for the file. 
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Managing AFP Services 


The AFP-NRM plug-in to Novell Remote Manager allows you to manage connections and open files 
on NSS volumes for AFP server. When you install Novell AFP, the plug-in adds the Manage AFP 
Services section in NRM. You can close connections that are stale and persistent. With the file 
monitoring options, you can view details of open files and close open files by connection or by file. 
The tasks can be performed on NSS volumes where you have configured AFP shares by using 
Novell AFP. 


For information about using and managing AFP services on Novell Open Enterprise Server (OES) 11 
SP3, see the OES 11 SP3: Novell AFP for Linux Administration Guide. 


For information about using and managing NSS volumes on OES 11 SP3, see the OES 11 SP3: NSS 
File System Administration Guide for Linux. 


The Manage AFP Services section includes the following links to AFP server management pages: 


Table 16-1 Links for Manage AFP Services 


Link Page Displayed 
Manage Connections AFP Connections 
View Logs AFP System Logs 


* afptcp.log 


+ libnrm2afp.log 


Manage Open Files AFP Open File Management 


+ Connection information (statistics) 
+ Connection listing 


+ Detailed information about a connection, including open 
files 


From these pages you can perform the following tasks: 


¢ Section 16.1, “Managing AFP Connections,” on page 142 
¢ Section 16.2, “Viewing Log Information,” on page 142 
¢ Section 16.3, “Managing Open Files,” on page 143 
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16.1 Managing AFP Connections 


By querying or listing all open connections, you can understand how many sessions are opened at 
any moment. The details for each connection include the session ID, client IP address, user name, 
user login time, consolidated list of read/write requests, access mode, and total number of other 
requests received. You can drill down to extract per-connection details, such as the group that the 
user is a member of. 


If the connections are stale and persistent (for example, if there is no activity for a considerable 
amount of time), this session occupies a considerable chunk of memory. In this scenario, the 
administrator can close the connection/session based on the qualitative analysis of various 
connection parameters dumped by the new commands/options that are introduced. 


Table 16-2 AFP Connections Parameters 


Parameter Description 

Access mode Indicates the mode in which the AFP server has opened the file on behalf of the user. 
DD Indicates that the right to delete or rename the file is denied for all other connections. 
Desired access Specifies the access modes that the client has requested. 

DR Indicates that the right to read data from the file is denied. 

DW Indicates that the right to write data into the file is denied. 

ND Indicates that the right to delete or rename the file is denied for this connection. 

RD Indicates that the right to read data from the file is granted. 

Shared access Specifies the sharing modes that the client has requested, that is, how the file should 


be shared with other users. 


WR Indicates that the right to write data into the file is granted. 


1 Log in to Novell Remote Manager as the root user. 
2 Click Manage AFP Services > Manage Connections to display the AFP Connections page. 
3 You can perform the following tasks for open connections on an AFP server: 


+ Status of Open Connections: The AFP Connection List table displays the connection 
number, name of user accessing the connection, reads and writes for each connection, AFP 
requests by each connection, and login time details for the connection. 


+ View Connection Information: Click the connection name to view more details of a 
specific connection. 


+ Close Connections: Select the connections you want to close, then click Close. This 
closes the connection immediately, closes its open files, and allows no other file operations 
to be performed. Ensure that you close any open files before closing the associated 
connection; otherwise, the user might lose unsaved data for the file. 


16.2 Viewing Log Information 


1 Log in to Novell Remote Manager as the root user. 


2 Click Manage AFP Services > View Logs to display the AFP System Logs page. 
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16.3 


3 You can view the following logs for an AFP server: 


¢ libnrm2afp.log: Logs debug messages associated with the AFP-NRM plug-in. Click the log 
file to view the messages. 


+ afptcp.log: Logs status, debug, and error messages associated with the AFP server. Click 
the log file to view the messages. 


Managing Open Files 
You can use the file listing options to view the following information: 


¢ All open files for a particular NSS volume 
¢ All open files by a connection 


+ All users who have open file handles for a particular file 
You can use the file closing options to close the following: 


¢ All open files for a particular NSS volume 
¢ All open files by a particular connection 
¢ All open file handles associated with a particular file 
If the user tries to perform any operation on an open file that was closed by using the management 


tool, the changes might appear the next time the file is opened, depending on the application. 
However, the data that was saved before the file is closed will be intact. 


WARNING: Administrative closure is not the recommended way to close files. It is provided as a tool 
to administrators to force close files. 


1 Log in to Novell Remote Manager as the root user. 
2 Click Manage AFP Services > Manage Open Files to display the AFP Open File Management 
page. 
3 You can perform the following tasks for open files on an AFP server: 
¢ Status of Open Files: The List of Open Files table displays the connection number, name 


of the user accessing the file, and path of the file. The files are listed for the selected NSS 
volume. You can also set a filter for displaying the specific file type for that volume. 


+ Close Files: Select the files you want to close, then click Close. This closes the file 
immediately and allows no other file operations to be performed. Ensure that you inform the 
user before closing the file, to allow the user time to save the file; otherwise, the user might 
lose unsaved data for the file. 
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Tasks Quick Reference 


The following table provides information about specific tasks you can perform using Novell Remote 
Manager. These references also link to more specific information in this guide. 


Table 17-1 Task Quick Reference List 


Tasks 


Build a group for monitoring 


Link in Navigation frame or Other 
Location 


Use Group Operations > Configure 
New Group 


For More Information 


Building and Configuring a 
Monitoring Group (page 94) 


Cron job, schedule 


Manage Linux > Schedule Task 


“Scheduling cron Jobs to Run on 
the Server” on page 84 


Directory, change attributes of 


View File System > View File 
System Listing 


Viewing Details about Directories 
and Performing Actions on Them 
(page 73) 


Directory, edit 


View File System > View File 
System Listing 


Viewing Details about Directories 
and Performing Actions on Them 
(page 73) 


Directory, delete 


View File System > View File 
System Listing 


Viewing Details about Directories 
and Performing Actions on Them 
(page 73) 


Directory, rename 


View File System > View File 
System Listing 


Viewing Details about Directories 
and Performing Actions on Them 
(page 73) 


Directory, view detailed information 
about 


File, change attributes of 


View File System > View File 
System Listing 


View File System > View File 
System Listing 


Viewing Details about Directories 
and Performing Actions on Them 
(page 73) 


Viewing the Details of a File and 
Performing Specific Actions 
(page 75) 


File, download 


View File System > View File 
System Listing 


Downloading a File from the Server 
to a Local Workstation (page 74) 


File, edit View File System > View File Viewing the Details of a File and 
System Listing Performing Specific Actions 
(page 75) 
File, delete View File System > View File Viewing the Details of a File and 
System Listing Performing Specific Actions 
(page 75) 
File, rename View File System > View File Viewing the Details of a File and 


System Listing 


Performing Specific Actions 
(page 75) 


Files, search for text in 


View File System > View File 
System Listing 


Searching for Text in Files 
(page 75) 
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Tasks 


Link in Navigation frame or Other 


For More Information 


Location 

File, upload View File System > View File Uploading a File to the Server 
System Listing (page 74) 

File, view View File System > View File Viewing Individual Files (page 76) 


System Listing 


File system, browse 


View File System > View File 
System Listing 


Browsing File Systems and 
Performing Actions on Them 
(page 71) 


File system, perform action on 


View File System > View File 
System Listing 


Browsing File Systems and 
Performing Actions on Them 


(page 71) 


Files, viewing details about 


View File System > View File 
System Listing 


Viewing the Details of a File and 
Performing Specific Actions 
(page 75) 


Group operations, access an 
existing group 


Use Group Operations > Select 
Group 


Accessing an Existing Group 
(page 99) 


Group operations, build and 
configure a new monitoring group 


Use Group Operations > Configure 


New Group 


Building and Configuring a 
Monitoring Group (page 94) 


Group operations, change an 
existing group 


Use Group Operations > Select 
Group 


Changing an Existing Group 
(page 99) 


Group operations, define or edit 
Group Monitoring types 


Use Group Operations > NRM 
Health Types 


Defining or Editing Group 
Monitoring Types (page 102) 


Group operations, delete an 
existing group 


Use Group Operations > Select 
Group 


Deleting an Existing Group 
(page 100) 


Group operations, discover items to 


monitor on the network. 


Use Group Operations > Configure 


New Group > right-click menu > 
Network Discovery 


Discovering Items on the Network 
to Monitor (page 103) 


Group operations, generate and 
view server reports 


Use Group Operations > Configure 


New Group > right-click menu > 
Save Group 


Generating and Viewing Server 
Reports (page 100) 


Group operations, save a new 
group 


Use Group Operations > Configure 


New Group > right-click menu > 
Save Group 


Saving a Group (page 98) 


Group operations, view defined 
health types 


Use Group Operations > NRM 
Health Types 


Viewing Group Monitoring Types 
(page 101) 


Group operations, view monitored 
items 


View Monitored Items 


Viewing Monitored Items 
(page 101) 


Host, shut down 


Manage Linux > Down/Reset 
Options 


Shutting Down and Restarting the 
Host (page 80) 


Host, restart 


Manage Linux > Down/Reset 
Options 


Shutting Down and Restarting the 
Host (page 80) 


Interrupt information, view 


Manage Hardware > Interrupt 
Information 
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Viewing Interrupt Information 
(page 88) 


Tasks 


I/O Memory information, view 


Link in Navigation frame or Other 
Location 


Manage Hardware > IO Memory 
Information 


For More Information 


Viewing I/O Memory Information 
(page 89) 


IO Port information, view 


Manage Hardware > IO Port 
Information 


Viewing I/O Port Information 
(page 90) 


Kernel modules, view 


Manage Linux > Kernel Module 
Listing 


Viewing Kernel Modules (page 79) 


Mounted devices, perform actions 
on them 


Home icon > Info icon 


Viewing Mounted Devices and 
Performing Actions on Them 
(page 70) 


Mounted devices, view 


Home icon > Info icon 


Viewing Mounted Devices and 
Performing Actions on Them 
(page 70) 


Packages, install 


Manage Linux > Package 
Information 


Managing Packages (page 81) 


Packages, remove 


Manage Linux > Package 
Information 


Managing Packages (page 81) 


Packages, view information about 


Manage Linux > Package 
Information 


Managing Packages (page 81) 


Partition information, view 


View File System > View Partition 
Information 


Viewing Partition Information 
(page 76) 


Process, kill 


Manage Linux > Process 
Information 


Managing Processes (page 82) 


Process, view information about 


Manage Linux > Process 
Information 


Managing Processes (page 82) 


Processors, view information about 


Manage Hardware > View 
Processors 


Viewing Processors (page 87) 


OES 11 SP3 Server health 


Diagnose > Server Health Values 


Diagnose > Server Health Services 


Diagnosing Problems Using 
Ganglia and Nagios (OES 11 SP3) 
(page 45) 


OES 11 SP3 Nagios 


Configuration Options > Nagios 
Configuration 


Configuring Nagios (page 53) 


OES 11 SP3 Nagios user 
management 


Configuration Options > Nagios 
Configuration > Nagios User 
Management 


Managing Nagios Users (page 61) 


OES 11 SP3 Nagios alert 
notification system for Ganglia and 
Nagios health alerts 


Configuration Options > Nagios 
Configuration 


Modifying the Nagios Notification 
Methods for Contacts (page 64) 


Server Group, monitor overall 
server health 


Use Group Operation > Configure 
New Group or Select Group 


Building and Configuring a 
Monitoring Group (page 94) 


SMBIOS information, view 


Manage Hardware > SMBIOS 
Information 


Viewing SMBIOS Information 
(page 91) 
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18.1 


18.2 


Troubleshooting Novell Remote 
Manager 


This section describes known issues and workarounds for Novell Remote Manager for Novell Open 
Enterprise Server 11. 

¢ Section 18.1, “Daemon httpstkd Is Unable to Start,” on page 149 

è Section 18.2, “Error while loading shared libraries: libldapx.so.0,” on page 149 


¢ Section 18.3, “Apache 403 Warning Error Reported in Nagios on a New Installation or Upgrade 
to OES 11 SP3,” on page 150 


¢ Section 18.4, “Ganglia Statistical Graphics Are Not Displayed in the Web Browser,” on page 151 


Daemon httpstkd Is Unable to Start 


The Novell Remote Manager daemon httpstkd might be unable to start if the ports it is trying to use 
are busy. This error is commonly shown by applications when the ports it uses (in this case NRM 
ports 8008 and 8009) are busy and do not respond. In this situation, you can start httpstkd without 
needing to reboot the server by modifying the ports used by Novell Remote Manager in the /etc/ 
opt /novell/httpstkd.conf file: 

1 Log in to the server as the root user. 

2 Open the /etc/opt/novell/httpstkd.conf file in a text editor. 


3 Change the default ports 8008 and 8009 to other unused ports on the following lines: 


addr 0.0.0.0:8008 
addr 0.0.0.0:8009 keyfile=/etc/opt/novell/httpstkd/server.key 
certfile=/etc/opt/novell/httpstkd/server.pem 


4 Save your changes, then close the /etc/opt/novell/httpstkd. conf file. 
5 Open a terminal console, then start the httpstkd daemon by entering: 


renovell-httpstkd start 


Error while loading shared libraries: libldapx.so.0 


The following error might occur during the Novell Remote Manager installation if eDirectory is not yet 
available: 


Starting the Novell Small Http Interface 
Daemon/opt/novell/httpstkd/sbin/httpstkd: error while loading shared libraries: 
libldapx.so.0: cannot open shared object file: No such file or directory 


Httpstkd tries to start after the rpm is installed. It cannot start at that time if eDirectory has yet to be 
installed. When you get the Installation Completed dialog box, the httpstkd daemon is running. 
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Apache 403 Warning Error Reported in Nagios on 
a New Installation or Upgrade to OES 11 SP3 


You might see an Apache 403 Forbidden Warning error reported in Nagios after a new installation or 
upgrade to OES 11 SP3. 


Figure 18-1 HTTP 403 Forbidden Warning Error 


Current Network Status Host Status Totals Service Status Totals 
epee as Ye] Down] Uorcschabi]e<odina| AA ox arming unine crnca Pending 


el 


Nagios© 3.0.6 . wwwnagios.org 
Logged in as nagiosadmen 


‘View History For all hosts 
View Notifications For All Hosts | o =x 


View Host Status Detail For All Hosts 


Service Status Details For All Hosts 


Service [Status © last Check | [Duration |_| T [Status Information 
localhost CumentLoad GEE) 08.01.2013 12:19:29 6d 15h 8m 48s 1⁄4 OK . load average: 0.26, 0.23, 0.29 
Current Users 08.01.2013 12:20:07 6d15h8m10s 144 USERS OK. 1 users cumentiy logged in 


HTP id WARNING 08.01.2013 12:20:44 6d15h7M335 44 HTTP WARNING: HTTP/1.1 403 Forbidden - 5504 bytes in 0.002 second response time 
PING RI 08-01-2013 12:21:22 6d15h6m55s 1/4 PING OK . Packet loss = 0%, RTA = 0.07 ms 

RootParttion GR 08.01.2013 12:16:59 1421h1m 44s 1/4 DISK OK . free space: /3322 MB (43% inode=62% X 

SSH rid BEI 08.01.2013 12:17:37 6d1ShSm4os 1⁄4 SSH OK . OpenSSH _6.2 (protocol 2.0) 

Swap Usage BW) 08.01.2013 12:18:14 6d15h5mM3s 1/4 SWAP OK - 100% free (1027 MB out of 1027 MB) 

Total Processes GM 08.01.2013 12:18:52 Gd1Sh4m25s 14 PROCS OK: 130 processes with STATE = RSZDT 


8 Matching Semice Enties Displayed 


To resolve the issue, you can try the following: 
1 Log in to the server as the root user, open a terminal console, then navigate to the /etc/ 
nagios/objects directory. 


2 Inthe localhost .cfg file, modify the check _command parameters in the section, “# Define a 
service to check HTTP on the local machine”: 


At the command prompt, enter 


define service { 


use local-service ; Name of service template to use 
host_name localhost 

service description HTTP 

check _command check http! -e 'HTTP/1.0 200','HTTP/ 


1.1 200', 'HTTP/1.1 403 Forbidden! 


notifications enabled 0 


} 


NOTE: If the status for any other service is yellow or red, you must modify the relevant 
parameters in the localhost.cfg file. For example, if you have 300 processes running on your 
cluster node, the status of Total Processes will display yellow, since the default values are set to 
250 (yellow color) and 400 (red color). You can modify the values to 400 and 500 depending on 
your environment. 


define service { 


use local-service ; Name of service template to use 
host_name localhost 

service description Total Processes 

check_command check_local_procs!400!500!RSZDT 
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3 Restart Nagios. 


renagios restart 
4 After a few minutes, verify that the HTTP status for Nagios has been updated to the OK (green) 
state. 
4a Log in as the root user to Novell Remote Manager. 
4b Select Diagnose > Server Health Services, then click Nagios Service Detail. 


4c In the Nagios Authentication Required dialog box, specify your Nagios user credentials, 
then click OK. 


4d View the HTTP status in the Nagios main dashboard. 


18.4 Ganglia Statistical Graphics Are Not Displayed in 
the Web Browser 


The Novell Remote Manager frame sends secure content. However, Ganglia uses scripts to 
graphically display statistics that send the statistical data via HTTP instead of HTTPS. Depending on 
how your web browser is configured to handle mixed content on a web page, the Ganglia statistics 
might not be displayed in the graph windows. 

¢ Section 18.4.1, “Firefox,” on page 151 

¢ Section 18.4.2, “Internet Explorer,” on page 152 


¢ Section 18.4.3, “Chrome,” on page 152 


18.4.1 Firefox 


In Firefox 23 and later, when you access a page with both HTTPS and HTTP content, a shield icon W 
appears in the address bar, and the browser automatically blocks certain content such as non-secure 
scripts. To allow mixed content, right-click the shield icon, then select Disable Protection on This 


Page. After you disable protection, an orange alert icon A appears in the address bar and makes 
you aware that the displayed page contains mixed content. 
© https://137.65.67.37:8009 

ao Firefox has blocked content that isn't secure. 
© Most websites will still work properly even when this 


content is blocked. 


j Learn more Aggregate ¢ 
T Dashboard 
+ yi Keep Blocking i mi 
+ Manage Linux T avalo Disable Protection on This Page 
# Manage Hardware 16:18 x NotNow | 


In a Mozilla Firefox 22 and earlier web browser, you receive a warning, but content is not 
automatically blocked. A Security Warning pop-up dialog box reports: you have requested an 
encrypted page that contains some unencrypted information. Click OK to dismiss the 
warning and allow mixed content to be displayed. 
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18.4.2 


18.4.3 


Security Warning 


You have requested an encrypted page that contains some unencrypted information. Information that 
you see or enter on this page could easily be read by a third party. 


C Alert me whenever I'm about to view an encrypted page that contains some unencrypted information 


Box 


A round shield «> icon replaces the lock to the left of the https:// in the address bar. Right-click the 
icon to view the message that advises: Your connection to this site is only partially 
encrypted, and does not prevent eavesdropping. 


Internet Explorer 


In a Microsoft Internet Explorer web browser, the pop-up dialog box is displayed at the bottom of the 
page and reports: Only secure content is displayed. Click Show all content to dismiss the 
warning and allow mixed content to be displayed. 


Only secure content is displayed. What's the risk? Show all content 


Chrome 


In a Google Chrome web browser, a shield appears at the end of the URL in the address bar. It 
warns: This page includes scripts from unauthenticated resources. Right-click the shield, 
then click Load Unsafe Script. 


This page includes script from unauthenticated sources. 


Load unsafe script al 


Learn more Done 


While mixed content is displayed in Chrome, the green text https: // and lock in the URL & htesv/, 
which indicates secure-only content, is automatically changed to red text that is crossed out anda 
gray lock with a red X & sas. 
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19.1 


Security Considerations 


This section contains information that helps you know whether you can use this utility in a secure 
environment and points you to information to help you set up access to your server so you can be 
certain that its contents are not compromised through the use of this utility. 


For additional security implementation information, see “Security” in the OES 11 SP3: Planning and 
Implementation Guide. 


The default settings for Novell Remote Manager for OES Linux are set so your network and 
information cannot be compromised.If you change settings from the default, please be aware of the 
consequences of your actions. 


+ 


Section 19.1, “Security Features,” on page 153 


+ 


Section 19.2, “Security Characteristics,” on page 155 


+ 


Section 19.3, “Security Configuration,” on page 155 


+ 


Section 19.4, “Nagios Security Configuration,” on page 157 


Security Features 


The following table contains the security features of Novell Remote Manager on OES Linux. 


Table 19-1 Security Features of Novell Remote Manager on OES Linux 


Feature Yes/ Details 
No 
Users are authenticated Yes Users of Novell Remote Manager must provide a user name and 


password credentials to log in. 


Log in as user root, a local Linux user, or as a Novell eDirectory 
user that is Linux User Management enabled. The user sees 
only those functions that the user has permissions to view or 
manage. 


The root user is authenticated locally, not through eDirectory. 
This allows the root user to manage server resources even if the 
eDirectory services are not available. The root user has all 
permissions necessary to manage all functions in Novell Remote 
Manager. 


For more information, see “Accessing Novell Remote Manager” 
on page 28 and “Changing the HTTPSTKD Configuration” on 


page 37. 
Certificate handling by the web Yes Certificate handling requires SSL 2.0 or later, or TLS 1.0 or later, 
browser to be enabled in your web browser. Otherwise, the browser 


displays an error indicating that the page cannot be displayed. 
We recommend the higher security options of SSL 3.0, or the 
latest TLS if it is available. 
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Feature Yes/ 
No 


Limited root user privileges forthe Yes 
Admin user 


Details 


User root can restrict all users from logging in, so the Admin 
user or Admin-equivalent user is not granted unlimited root 
privileges for security reasons. If the server is LUM enabled, the 
Admin user and users with rights equivalent to the Admin user 
have the limited root user privileges that are needed to modify 
only the configuration files necessary for configuring NRM or any 
other files that NRM has been assigned rights to allow modifying. 
The user Admin or equivalent user has access according to the 
Linux and LUM file rights to all other files. 


The Admin user or equivalent user needs root privileges to 
modify the following files in order to configure and manage NRM. 
The privileges are temporary and only for the task to be 
performed. 


/etc/opt/novell/httpstkd. conf 
/etc/pam.d/httpstkd 


The following file names are the names that are used as the 
description for a specified task: 


/etc/cron.d/ [task file name] 


The following files may be the actual file or a symbolic link to the 
YAST or eDirectory certificates: 


/etc/opt/novell/httpstkd/server.pem 
/etc/opt/novell/httpstkd/server.key 


The following files are already modifiable by the Admin user: 


The first category has names that are whatever the user names 
the group that they create. 


/opt/novell/nrm/NRMGroups/[nrm group names] 
/etc/opt/novell/nrmhconfig. conf 


/etc/opt/novell/nrmsvchlthcfg. conf 


Servers, devices, and services are Yes 
authenticated 


When gathering information with group operations, Novell 
Remote Manager authenticates to other servers. 


Access to information is controlled Yes 


Access to information is restricted to valid users who have rights 
to access the server through eDirectory or access rights to the 
local file system. 


The port for accessing the login dialog box must be open through 
a firewall if you want the server to be accessible outside the 
firewall. You can restrict access to specific workstations or a 
range of IP addresses. 


For more information, see “Accessing Novell Remote Manager” 
on page 28 and “Changing the HTTPSTKD Configuration” on 
page 37. 


Roles are used to control access No 


Logging and security auditing is Yes 
done 


Novell Remote Manager does not have role-based management. 
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19.3 


Feature Yes/ Details 
No 


Data on the wire are encrypted by Yes The following data are encrypted on the wire: 


default 
+ Administration via browser UI 


+ When logging in the administration is switching to the 
HTTPS protocol. 


Data is stored encrypted No 
Passwords, keys, and any other Yes 
authentication materials are stored 
encrypted 

Security is on by default Yes 


Security Characteristics 


Novell Remote Manager communicates using port 8008 and 8009. Port 8008 access the Login page, 
then all other communications take place through secure HTTP ports 8009. These default settings 
can be changed using options in the /etc/opt/novell/httpstkd. conf file. 


The HTTPS communication uses SSL encryption. It uses the server certificate by default; however, 
you can reconfigure this setting if desired. 


You can set the SSL key cipher strength by setting the cipher strength command in the /etc/opt/ 
novell/httpstkd.conf file. We recommend that you set the cipher strength to high, which allows 
only 112-bit or greater encryption. By default it is set ALL, which allows any cipher strength. For 
information, see Section A.9, “SSL Key Cipher Strength Command,” on page 168. 


By default, Novell Remote manager sets an HttpOnly cookie attribute that specifies that the cookie is 
not accessible through a script. This helps mitigate the risk of cross-site scripting. For information, 
see Section A.5, “HttpOnly Command,” on page 164. 


The Admin user and users with rights equivalent to user Admin have limited root user privileges that 
are needed to modify only the configuration files necessary for configuring NRM or any other files that 
NRM has been assigned rights to allow modifying. For a list of these files, see Section 19.1, “Security 
Features,” on page 153. The user Admin or equivalent user has access according to the Linux and 
LUM file rights to all other files. 


Security Configuration 


The following table provides a summary of the options you can change to allow or limit access to the 
server through Novell Remote Manager. 


Table 19-2 Options for Changing or Limiting Access to a Server Through Novell Remote Manager 


Issue/Feature Recommendation For More Information 


SSL key cipher strength High (112-bit or greater encryption) Section A.9, “SSL Key Cipher 


Strength Command,” on page 168 
The default setting is ALL, which allows 


any encryption level. 
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Issue/Feature Recommendation For More Information 


Let the root user access This is the default setting. The root user is “Accessing Novell Remote 
Novell Remote Manager with the only user with full management rights Manager” on page 28. 

full management rights. in Novell Remote Manager. 

Let all LUM-enabled All non-local user access is controlled by 


eDirectory users access file eDirectory and LUM. LUM-enabled 

system information in Novell eDirectory users can log in and view the 

Remote Manager. file systems that they have the eDirectory 
rights and file system rights to see. These 

Deny access to all non-LUM- sers (including Admin users and Admin- 

enabled eDirectory users. equivalent users) do not have 
management rights in Novell Remote 
Manager. 


The eDirectory users that are not LUM 
enabled cannot access the server through 
Novell Remote Manager. 


We recommend that the root user be the 
only local user created on the system. 
However, if local users log in to Novell 
Remote Manager, their access is limited to 
viewing the file systems that they have the 
local rights to see. The management 
features are not available to non-root 


local users. 
Let the root user access By default, only the root user and LUM- + “Changing the HTTPSTKD 
Novell Remote Manager with enabled eDirectory users can log in to Configuration” on page 37. 
full management rights. Novell Remote Manager. Non-LUM- 7 ; ae 

; + “Accessing and Editing the 

enabled eDirectory users cannot access : i 
Deny access to all LUM- the server through Novell Remote sE Configuration 
enabled eDirectory users, Manager. File” on page 39. 
including the Admin user and 
Admin-equivalent users. Set the nolum option in the /etc/opt/ 


novell/httpstkd. conf file and edit the / 
Deny access to all non-LUM- etc/pam.d/httpstka file. 
enabled eDirectory users. 


Remove these lines: 


auth sufficient pam_nam.so 
account sufficient pam_nam.so 
password sufficient pam_nam.so 
session optional pam_nam. so 


When the nolum option is set, no LUM- 
enabled eDirectory user can access the 
server via Novell Remote Manager, 
including the Admin user and Admin- 
equivalent user. By default, non-LUM- 
enabled eDirectory users continue to be 
denied access. Only the root user has full 
management access to Novell Remote 
Manager. 
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19.4 


Issue/Feature 


Let the root user access 
Novell Remote Manager with 
full management rights. 


Restrict access for all LUM- 
enabled eDirectory users, 
except the Admin user and 
users with rights equivalent 
to Admin. 


Deny access to all non-LUM- 
enabled eDirectory users. 


Recommendation 


By default, only the root user and LUM- 
enabled eDirectory users can log in to 
Novell Remote Manager. Non-LUM- 
enabled eDirectory users cannot access 
the server through Novell Remote 
Manager. 


Set the supervisoronly option in the / 
etc/opt/novell/httpstkd.conf file. 


When the supervisoron1ly option is set, 
the Admin user and Admin-equivalent 
users are the only LUM-enabled 
eDirectory users that can log in to Novell 
Remote Manager. They can view the file 
systems that they have the eDirectory 
rights and file system rights to see. By 
default, non-LUM-enabled eDirectory 
users continue to be denied access. Only 
the root user has full management 
access to Novell Remote Manager. 


For More Information 


+ “Changing the HTTPSTKD 
Configuration” on page 37. 


+ “Accessing and Editing the 
HTTPSTKD Configuration 
File” on page 39. 


Restrict access to specific 
workstations or a range of IP 
address 


Remove access to the utility 
for all users 


Set the filteraddr and filtersubnet 
options in the /etc/opt/novell/ 
httpstkd. conf file. 


Stop the HTTPSTKD daemon. 


Nagios Security Configuration 


By default, Nagios defines a default user nagiosadmin with no password and a default contact 
nagiosadmin. Before you can log in to the Nagios website, you must set a password for the Nagios 
user nagiosadmin. For information about configuring a password and setting up contact information 
for the Nagios user nagiosadmin, see Section 8.5.1, “Configuring Nagios Authenticated Users and 


Contacts,” on page 53. 


+ “Changing the HTTPSTKD 
Configuration” on page 37. 


+ “Accessing and Editing the 
HTTPSTKD Configuration 
File” on page 39. 


“Starting or Stopping HTTPSTKD” 
on page 30. 


Security Considerations 
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HTTPSTKD Configuration File 
Options 


To control the behavior of Novell Remote Manager on Linux, you can specify the options listed in the 
HTTPSTKD configuration file in /etc/opt /novell/httpstkd. conf. This information is in the default 
configuration file when installing a new server. If you modify the settings, you can view the default file 
settings in the /etc/opt/novell/httpstkd.conf.org file. 


If you are upgrading your server, you might need to update or add the information and settings noted 
if you want the applicable functionality. 


To edit the /etc/opt/novell/httpstkd. conf file in Novell Remote Manager: 
1 Log in to Novell Remote Manager as the root user of the target server. 


2 Click the Configure icon in the header frame. 


3 On the Novell Remote Manager Configuration Options page, click HTTP Interface Management 
> Edit httpstkd config file. 


4 Modify the settings. 
5 To keep the changes, click Save Changes. 


The main content frame opens to the Directory Listing for the /etc/opt/novel1 folder. You can 
verify the date and time on the file. 


6 Restart the httpstkd daemon to apply the changes. 


6a Click the || Configure icon to return to the Configuration Options page. 
6b Under Daemon Restart, click Restart httpstkd. 


The following options are available for controlling the behavior of Novell Remote Manager on Linux: 


+ 


Section A.1, “Address and Port Commands,” on page 159 

Section A.2, “Disable Auto LUM Command,” on page 160 

Section A.3, “Email Notification Commands (OES 11 SP1 and Earlier),” on page 162 
Section A.4, “Filtering Commands,” on page 163 


+ 


+ 


+ 


+ 


Section A.5, “HttpOnly Command,” on page 164 


+ 


Section A.6, “InventoryResolveNonLumOwnerName Command,” on page 165 


+ 


Section A.7, “Language Commands,” on page 165 


+ 


Section A.8, “Load Command,” on page 167 
Section A.9, “SSL Key Cipher Strength Command,” on page 168 


+ 


+ 


Section A.10, “Supervisor Only Command,” on page 168 


A.1 Address and Port Commands 


Purpose 


Specifies each address and port that HTTPSTKD opens and listens on. 
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Optionally, you can enable SSL on the port using the keyfile and certfile parameters. SSL 
encrypts the login, so that passwords are not sent over the Internet in plain text. 


Syntax 
addr ip_address:port_number 


addr ip address:port_number keyfile:key file path/keyfile_name.key 
certfile:certificate file path/cerfile name.pem 


Option Use 
IP_address One of the following: 
+ 0.0.0.0 


+ The assigned static IP address of the node 


A DNS name is not allowed. 


port One of the following for public or secure: 


+ 8008 is the default public port 
+ 8009 is the default secure port 


+ any port not in use on the server 


If you are accessing Novell Remote Manager outside a firewall, these ports must 


be open. 
keyfile=<keyfile_path/ A .key file is the private key used to encrypt SSL-enabled requests. The key 
keyfile_name.key> corresponds to the public key in the certificate. 


/etc/opt/novell/httpstkd/server.key is the default path and file name ona 
new server installation. 


certfile=<certificate_path/ A .pem file is a base64 ASCII encoded SSL certificate and its public key. 


certfile_name.pem> i . 
/etc/opt/novell/httpstkd/server.pem is the default path and file name on a 


new server installation. 


Examples 
addr 0.0.0.0:8008 


addr 0.0.0.0:8009 keyfile=/etc/opt/novell/httpstkd/server.key certfile=/etc/opt/ 
novell/httpstkd/server.pem 


A.2 Disable Auto LUM Command 


Purpose 


Only the root user has full management rights in Novell Remote Manager. The root user is a local 
superuser, and is not an eDirectory user. This allows the server to be managed even if the eDirectory 
authentication service is down. 
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Auto LUM lets eDirectory users that are enabled with Linux User Management (LUM) log in to Novell 
Remote Manager by using their eDirectory user names and passwords. For example, you can log in 
as user Admin or as a user with rights equivalent to Admin rather than logging in as user root. When 
LUM-enabled eDirectory users access Novell Remote Manager, they are allowed to view only the file 
systems that they have the eDirectory rights and file system rights to see. 


NOTE: You can use the supervisoron1y option to restrict access for LUM-enabled eDirectory users 
to only the Admin user and users with rights equivalent to the Admin user. 


By default, the eDirectory users that are not LUM-enabled cannot access the server with Novell 
Remote Manager. They can view their files via NCP, CIFS, or AFP. 


We recommend against creating local users other than the root user. However, if non-root local 
users access Novell Remote Manager, they must log in using the user name and password created 
on the local system. Only limited functionality is available. They can view only those file systems that 
they have the local access rights to see. The nolum option does not prevent the local-only users from 
logging in to Novell Remote Manager. 


Use the nolum command to deny access to all LUM-enabled eDirectory users. By default, non-LUM- 
enabled eDirectory users continue to be denied access. Only the root user has full management 
access to Novell Remote Manager. 


Syntax 

nolum 

Option Use 

no setting This is the default setting. 


To perform all management functions, users must be logged in as user root. 


To view file system information, LUM-enabled eDirectory users can log in with their 
eDirectory user name and password. Non-LUM-enabled eDirectory users are 
denied access. 


To view local file system information only, non-root local users can log in with their 
locally created user names and passwords. We recommend against creating non- 
root local users. 


When the nolum command is not specified, HTTPSTKD checks its PAM 
configuration file at load time and adds the LUM configuration to it if LUM is 
installed but not already in its configuration. 
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A.3 


Option Use 


nolum To perform all management functions, users must be logged in as user root. 


LUM-enabled eDirectory users are denied access. Non-LUM-enabled eDirectory 
users are denied access. 


To view local file system information only, non-root local users can log in with their 
locally created user names and passwords. We recommend against creating non- 
root local users. 


IMPORTANT: Setting this option does not disable LUM if it is already part of 
HTTPSTKD configuration. 


You can remove the auto LUM functionality by manually by editing /etc/pam.d/ 
httpstkd and removing these lines: 


auth sufficient /lib/security/pam_nam.so 
account sufficient /lib/security/pam_nam.so 


password sufficient /lib/security/pam_nam.so 
session optional /lib/security/pam_nam.so 


Example 


nolum 


Email Notification Commands (OES 11 SP1 and 
Earlier) 


Availability 


The httpstkd email notification commands are integrated with the Novell Remote Manager Health 
Monitor in OES 11 SP1 and earlier. The commands are not available in the HTTPSTKD configuration 
file in OES 11 SP2 and later. 


IMPORTANT: The Novell Remote Manager email notification system is not available in OES 11 SP2 
and later. 


For OES 11 SP2 and later, the email notification commands in the HTTPSTKD configuration file (/ 
etc/opt/novell/httpstkd.conf) are obsoleted by the alert notification system for Nagios. After 
you install or upgrade to OES 11 SP3, you must configure Nagios and set up an email address for the 
nagiosadmin user. You can also define other Nagios contacts. You can set up various notification 
methods for each Nagios contact, and assign the contacts to receive notifications for designated 
monitored service. For more information, see Section 8.5, “Configuring Nagios,” on page 53 

Section 8.9, “Modifying the Nagios Notification Methods for Contacts,” on page 64. 


Purpose 
Sets up email notification service in Novell Remote Manager. 


You can specify up to two mail servers and up to eight recipients to receive email when a notification 
is specified in the Novell Remote Manager server health area. Use a separate command line for each 
server or email address. 
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A.4 


Syntax 


mailserver IP_address 
mailto email address 


Command Use 

no setting Email notification is not configured. This is the default setting. 

mailserver Sends email notification to the specified mail server. You can specify up to two mail 
servers. 

mailto Sends email notification to the specified user. You can specify up to eight users. 

Example 


The following commands send email notifications to mail servers mail .bobs1lbank.com and 
smtp. bobslbank.com: 


mailserver mail.bobslbank.com 
mailserver smtp.bobslbank.com 


The following commands send email notifications to users Bob, George, and Mary from the mail 
server bobsibank.com: 


mailto bob@bobsibank.com 


mailto george@bobsibank.com 
mailto mary@bobslbank.com 


Filtering Commands 


Purpose 


Blocks access to Novell Remote Manager from all addresses except those specified by these 
filteraddr and filtersubnet commands. 


Syntax 


filteraddr IP_address 
filtersubnet IP_address subnet_mask 


Command Use 

not specified Allows access from any address. This is the default setting. 
filteraddr Allows access from specific addresses only. 

filtersubnet Allows access from any address on the specified network or subnet. 
Examples 


The following command allows access only from address 192.168.20.1: 
filteraddr 192.168.20.1 


The following command allows access from only addresses 192.56.56.0 through 192.56.59.255: 
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filteraddr 192.56.56.0 255.255.252.0 


A.5 HttpOnly Command 


Purpose 


Novell Remote manager sets an HttpOnly cookie attribute that specifies that the cookie is not 
accessible through a script. This helps mitigate the risk of cross-site scripting. 


Syntax 


If the HttpOnly flag is included in the HTTP response header, the cookie cannot be accessed through 
a client side script. 


If you modify the setting, you must restart Novell Remote Manager. 


HttpOnly <true|false> 


Option Use 
true Include HttpOnly as an attribute in the response header. 


This is the default setting. 


false Do not include HttpOnly in the response header. 


To disable the HttpOnly attribute: 


1 Log in to the server as the root user, then open a terminal console. 


2 Stop the httpstkd daemon by entering 
renovell-httpstkd stop 


3 Open the /etc/opt/novell/httpstkd.conf file in a text editor. 
4 Review the potential security concerns for changing HttpOnly to false. 


5 Change the setting from 
HttpOnly true 
to 
HttpOnly false 


6 Save the file and exit the text editor. 


7 Start the httpstkd daemon by entering 


rcenovell-httpstkd start 


Examples 


HttpOnly true 
HttpOnly false 
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A.6 


A.7 


InventoryResolveNonLumOwnerName Command 


Purpose 


The InventoryResolveNonLumOwnerName command is used when you perform an inventory of NSS 
volumes and the file owner UID is set to the Nobody user. The Nobody user is reported when a file is 
owned by a Novell eDirectory user that is not enabled with Linux User Management (LUM). 


Syntax 
If you modify the setting, you must restart Novell Remote Manager. 


InventoryResolveNonLumOwnerName <false|true> 


Option Use 


false The inventory does not resolve the user IDs of non-LUM-enabled file owners. The 
owner is reported as the Nobody user. 


This is the default setting. This provides faster performance for an inventory of files 
on an NSS volume when eDirectory users are not LUM enabled. 


true The inventory tries to resolve the user IDs of non-LUM-enabled file owners by using 
NSS APIs. This can result in a major performance impact for the inventory. The 
more non-LUM-enabled file owners the inventory encounters, the longer it takes to 
complete the inventory. 


Examples 


The following example does not resolve the user IDs of file owners that are not LUM enabled. This is 
the default setting. The non-LUM-enabled owners are reported as the Nobody user. 


InventoryResolveNonLumOwnerName false 


The following example resolves the user IDs of file owners that are not LUM enabled to the user 
name. The more non-LUM-enabled owners encountered, the longer the inventory can take. 


InventoryResolveNonLumOwnerName true 


Language Commands 


Purpose 


Sets up a mapping of HTTP Accept-Language header tags for Linux locales. These locales 
determine the languages in which the browser can view content through the Novell Remote Manager 


utility. 
To see a list of possible locales on your Linux server, enter the following at a shell prompt: 


locale -a 


Syntax 


lang HTTP_language_string locale_string 
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Command Use 
lang Use the following settings: 


+ English: en en_US.UTF8 

+ US English: en-us en_US.UTF8 

+ Chinese Simplified: zh-cn zh_CN.UTF8 
+ Chinese Traditional: zh-tw zh_TW.UTF8 
+ Czech: cs cs_CZ.UTF8 

+ French: fr fr_FR.UTF 

+ German: de de_DE.UTF8 

+ Hungarian: hu hu_HU.UTF8 

+ Italian: it it_IT.UTF8 

+ Japanese: ja ja_JP.UTF8 

+ Polish: pl pl_PL.UTF8 

+ Portuguese-Brazil: pt pt_BR.UTF8 

+ Russian: ru ru_RU.UTF8 

+ Spanish: es es ES.UTF8 

+ Slovak: sk sk_SK.UTF8 


These are the default settings for this release. 


In this release, Novell Remote Manager supports English, Chinese Simplified, 
Chinese Traditional, Czech, French, German, Hungarian, Italian, Japanese, 
Polish, Portuguese-Brazil, Russian, Spanish, and Slovak. 
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Example 


The following commands set the browser languages for English, French, Japanese, and Portuguese: 


lang en en_US.UTF8 
lang en-us en_US.UTF8 
lang zh-cn zh_CN.UTF8 
lang zh-tw zh_TW.UTF8 
lang cs cs CZ.UTF8 
lang cs-cz cs_CZ.UTF8 
lang fr fr_FR.UTF8 
lang fr-fr fr_FR.UTF8 
lang de de_DE.UTF8 
lang de-de de DE.UTF8 
lang hu hu_HU.UTF8 
lang hu-hu hu_HU.UTF8 
lang it it_IT.UTF8 
lang it-it it_IT.UTF8 
lang ja ja_JP.UTF8 
lang ja-jp ja_JP.UTF8 
lang pl pl_PL.UTF8 
lang pl-pl pl_PL.UTF8 
lang pt pt_BR.UTF8 
lang pt-BR pt_BR.UTF8 
lang ru ru_RU.UTF8 
lang ru-ru ru_RU.UTF8 
lang es es ES.UTF8 
lang es-es es_ES.UTF8 
lang sk sk_SK.UTF8 
lang sk-sk sk_SK.UTF8 


More Information 


If you are upgrading this server and you want to use this option, you need to add these parameters to 
the /etc/opt /novell/httpstkd.conf file for this server. 


Load Command 


Purpose 


Loads plug-in files used by Novell Remote Manager. 


Syntax 


load plug-in file _path/name 


Option Use 

plug-in_file_path /opt/novell/1lib/ is the default path for Novell Remote Manager plug-in files. 
plug-in_file_name libnrm.so is a default plug-in for Novell Remote Manager. 

Examples 


load nrm.so 


load /opt/novell/lib/libnrm.so 
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A.9 SSL Key Cipher Strength Command 


Purpose 


The Cipher command sets the bit strength for the SSL key that is required to access Novell Remote 
Manager. If you modify the setting, you must restart NRM. 


Syntax 


cipher strength 


Option Use 

all Allows any negotiated encryption level. This is the default setting. 
low Allows less than 56-bit encryption. 

medium Allows 56-bit up to 112-bit encryption. 

high Allows 112-bit or greater encryption 

Example 


The following example allows access to Novell Remote Manager only with encryption that is 112-bit 
or greater: 


cipher high 


You must restart Novell Remote Manager to apply the change. 


A.10 Supervisor Only Command 


Purpose 


Disables access to the server through Novell Remote Manager for all users except root. If Linux 
User Management is enabled for Novell Remote Manager, eDirectory user Admin and eDirectory 
users with rights equivalent to user Admin also have access to the server through Novell Remote 
Manager and can perform the same tasks as user root. 


Syntax 

supervisoronly 

Option Use 

no setting This is the default setting. 


Local users and all LUM-enabled eDirectory users can log in to Novell Remote 
Manager. 


The non-root and non-admin users have limited access to the server through 
Novell Remote Manager. They can access only the server's file systems that they 
have rights to and can perform very limited tasks such as file upload and text 
search. 
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Option Use 
supervisoronly Lets only user root and eDirectory user Admin and users with rights equivalent to 


Admin have access to the server through Novell Remote Manager. LUM must be 
set for eDirectory user access. 


Example 


supervisoronly 


More Information 


If you are upgrading this server and you want to use this option, you need to add these parameters to 
the /etc/opt/novell/httpstkd.conf file for this server. 
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Novell Remote Manager Packages 


Table B-1 lists the packages that are installed when the Novell Remote Manage pattern is installed on 
an Novell Open Enterprise Server (OES) 11 SP3 server. 


Table B-1 Packages Contained in the Novell Remote Manager Pattern 


Package (RPM) Description 


novell-lum-providers A set of CIM providers to facilitate the management of Linux 
User Management, which is a plug-in to PAM. 


novell-nrm Novell Remote Manager, web-based Linux machine 
management, and control interface. It contains all the binaries 
and necessary components for Novell Remote Manager. 


Table B-2 lists the plug-in software that adds functionality to Novell Remote Manager when the 
related OES Services pattern is installed: 


Table B-2 Packages for Program Plug-Ins to Novell Remote Manager 


RPM Description 


novell-ncpserv-nrm NRM plug-in for the Novell NCP Server and Dynamic 
Storage Technology 


novell-cifs-nrm NRM plug-in for Novell CIFS Services 


novell-afp-nrm NRM plug-in for Novell AFP Services 


Table B-3 lists the software that Novell Remote Manager depends on to report server and services 
health information in OES 11 SP2 and later: 


Table B-3 Open Source Packages Used for Server and Services Health Monitoring in OES 11 SP2 and Later 


RPM Description 


novell-ganglia-monitor-core-gmetad Ganglia Meta daemon that gathers the health statistics 
about the server 


novell-ganglia-monitor-core-gmond Ganglia Monitor daemon that provides the Ganglia 
monitoring service 


novell-ganglia-web Ganglia Distributed Monitoring System that provides 
historical graphs of the collected system metrics 


nagios Core programs for the Nagios Network Monitor 


nagios-plugins Nagios Plug-Ins that perform the service checks and 
return the status to Nagios 


nagios-www The HTML and CGI files for the Nagios web interface 
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Table B-4 lists the software that Novell Remote Manager depends on to report system health 
information in OES 11 SP1 and earlier: 


Table B-4 Key Dependencies of the Novell Remote Manager Pattern in OES 11 SP1 and Earlier 


RPM Description 


sblim-sfcb The Small Footprint CIM Broker (sfcb) is a CIM server 
that conforms to the CIM Operations over HTTP 
protocol. It supports providers written against the 
Common Manageability Programming Interface 
(CMPI) 


novell-hms-providers A set of CIM providers that facilitate the gathering of 
data for Health Management Services (HMS) 
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C.1 


Documentation Updates 


This section contains information about content changes that have been made in the Novell Remote 
Manager Administration Guide since the initial release of Novell Remote Manager for Novell Open 
Enterprise Server (OES) 11. 


This document was updated on the following dates: 


¢ Section C.1, “January 2014 (OES 11 SP2),” on page 173 
¢ Section C.2, “August 2012 (OES 11 SP1),” on page 177 


January 2014 (OES 11 SP2) 


Updates were made to the following sections. The changes are explained below. 


+ 


+ 


+ 


+ 


+ 


Section C.1.1, “Accessing Novell Remote Manager for Linux,” on page 174 
Section C.1.2, “Diagnosing Problems Using Ganglia and Nagios (OES 11 SP2),” on page 175 
Section C.1.3, “HTTPSTKD Configuration File Options,” on page 175 

Section C.1.4, “Managing AFP Services,” on page 175 

Section C.1.5, “Managing CIFS Services,” on page 175 

Section C.1.6, “Managing Dynamic Storage Technology Options,” on page 175 
Section C.1.7, “Managing NCP Services,” on page 175 

Section C.1.8, “Novell Remote Manager Packages,” on page 176 

Section C.1.9, “Overview of Novell Remote Manager for Linux,” on page 176 
Section C.1.10, “Security Considerations,” on page 176 

Section C.1.11, “Troubleshooting Novell Remote Manager,” on page 176 

Section C.1.12, “Using Group Operations,” on page 176 

Section C.1.13, “Viewing File Systems,” on page 177 

Section C.1.14, “What’s New or Changed in Novell Remote Manager,” on page 177 
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C.1.1 Accessing Novell Remote Manager for Linux 


174 


Location 


Section 6.1, “System Requirements,” on page 27 


Change 


Updated web browser versions to latest versions. 
Support was added for the following web browsers: 


+ Internet Explorer 10 in the desktop user interface 
view on Windows 7 clients and Windows 8 clients 


+ Safari 6.0 on Mac OS X Mountain Lion (version 
10.8) clients 


For certificate handling, we recommend you enable 
your web browser for SSL 3.0 or the latest TLS if it is 
available. 


Figure 6-1, “Layout of Novell Remote Manager for 
OES 11 SP2 and Later,” on page 31 


This layout is new for OES 11 SP2. 


For OES 11 SP2, the key additions are the Novell 
CIFS plug-in to manage CIFS connections and the 
Novell AFP plug-in to manage AFP connections. 
Under the Diagnose option, the Health Monitor 
function is obsoleted by the use of Ganglia and Nagios 
open source software to monitor system performance 
and services health. 


Section 6.2, “Accessing Novell Remote Manager,” on 
page 28 


This section was reorganized for clarity. 


Step 3 in Section 6.2, “Accessing Novell Remote 
Manager,” on page 28 


TLS 1.0 or later is also supported for SSL. 


Section 6.4.1, “Header Frame,” on page 33 


Section 6.4.2, “Overall Health Indicator,” on page 33 


Clicking the Health Monitor icon takes you to the 
Nagios Service Detail page. 


You can also access Novell Support (http:// 
www.novell.com/support) by clicking the Novell big red 


Nicon N onthe right side of the header frame. 


For OES 11 SP2, the overall health status is 
determined from the services you configure to be 
monitored and displayed on the Nagios Service Detail 


page. 


Clicking the Server Health icon takes you to the 
Nagios Service Detail page. 


Section 6.4.3, “Navigation Frame,” on page 34 


Added links to information about the standard NRM 
navigation roles. 


Section 6.4.4, “Program Plug-Ins in the Navigation 
Frame,” on page 35 


This section is new. 


The Novell CIFS plug-in allows you to manage CIFS 
connections on the server. 


The Novell AFP plug-in allows you to manage AFP 
connections on the server. 
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C.1.2 Diagnosing Problems Using Ganglia and Nagios (OES 11 
SP2) 


Chapter 8, “Diagnosing Problems Using Ganglia and Nagios (OES 11 SP3),” on page 45 is new. 
Beginning in OES 11 SP2, Ganglia and Nagios open source software are used to monitor server and 
service health. 


C.1.3 HTTPSTKD Configuration File Options 


Location Change 


Section A.3, “Email Notification Commands (OES 11 The email notification commands mailserver and 

SP1 and Earlier),” on page 162 mailto in the HTTPSTKD configuration file (/etc/ 
opt /novell/httpstkd.conf) are obsoleted by the 
notification system for Nagios. The commands are not 
available in the HTTPSTKD configuration file 
beginning in OES 11 SP2. 


Section A.5, “HttpOnly Command,” on page 164 The configuration file name is /etc/opt /novell/ 
httpstkd. conf. 


The command name HttpOnly is case sensitive. 


C.1.4 Managing AFP Services 


Chapter 16, “Managing AFP Services,” on page 141 is new. 


C.1.5 Managing CIFS Services 


Chapter 15, “Managing CIFS Services,” on page 137 is new. 


C.1.6 Managing Dynamic Storage Technology Options 


Chapter 14, “Managing Dynamic Storage Technology Options,” on page 133 is new. 


C.1.7 Managing NCP Services 


Chapter 13, “Managing NCP Services,” on page 105 is new. The NCP-related content was moved 
here from Chapter 9, “Viewing File Systems,” on page 69. 


Location Change 
Section 13.3.4, “Emailing a Saved NCP Inventory The Novell Remote Manager email notification system 
Report (OES 11 SP1),” on page 126 is not supported on OES 11 SP2. The send email 


option on the NCP Inventory Reports page is 
supported only on OES 11 SP1 and earlier. 


Section 13.6.3, “Emailing a Saved NCP Trustee The Novell Remote Manager email notification system 

Report (OES 11 SP1),” on page 130 is not supported on OES 11 SP2. The send email 
option on the NCP Trustee Reports page is supported 
only on OES 11 SP1 and earlier. 
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C.1.9 


C.1.10 


C.1.11 


C.1.12 
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Novell Remote Manager Packages 


Location 


Table B-2, “Packages for Program Plug-Ins to Novell 
Remote Manager,” on page 171 


Change 


This table describes the NRM plug-in packages. 


Table B-3, “Open Source Packages Used for Server 
and Services Health Monitoring in OES 11 SP2 and 
Later,” on page 171 


This table describes the open-source health 
monitoring software used by Novell Remote Manager 
to report server and services health information. 


Table B-4, “Key Dependencies of the Novell Remote 
Manager Pattern in OES 11 SP1 and Earlier,” on 
page 172 


This table describes the software used by Novell 
Remote Manager to report system health information. 


Overview of Novell Remote Manager for Linux 


Location 


Table 1-2, “Information about Plug-Ins to Novell 
Remote Manager,” on page 13 


Security Considerations 


Location 


“Certificate handling by the web browser” on page 153 


Change 


This table links to quick references about the plug-in in 
this guide and to the books for the related OES 
Services. 


Change 


Certificate handling requires SSL 2.0 or later, or TLS 
1.0 or later, to be enabled in your web browser. We 
recommend the higher security options of SSL 3.0, or 
the latest TLS if it is available. 


Troubleshooting Novell Remote Manager 


Location 


Section 18.2, “Error while loading shared libraries: 
libldapx.so.0,” on page 149 


Using Group Operations 


Location 


Section 12.1, “Building and Configuring a Monitoring 
Group,” on page 94 


Change 


This section is new. 


Change 


The Web Page monitoring option shows the response 
when trying to determine if the communication is 
working to a server that hosts a website. 
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C.1.13 


C.1.14 


C.2 


Location 


Section 13.6.3, “Emailing a Saved NCP Trustee 
Report (OES 11 SP1),” on page 130 


Viewing File Systems 


Location 


Section 13.2.5, “Salvaging and Purging Deleted Files 
on an NSS Volume,” on page 120 


Change 


The Novell Remote Manager email notification system 
is not supported on OES 11 SP2. The Email Options 
on the Group Operations Configuration page are 
supported only on OES 11 SP1 and earlier. 


Change 


If the deleted file resided in a directory that has been 
deleted, you must first salvage the deleted directories 
in the path. Salvage each lower directory in turn until 
you have salvaged the deleted directory that contained 
the file. You can then search for the deleted file in the 
salvaged directory. 


You can also select a deleted directory and use the 
Purge option to purge the deleted directory and all of 
the deleted subdirectories and files that it contains. 


“Performing Actions on Files from Custom Reports” on 
page 128 


Actions on files in the inventory are performed in the 
selected volume. 


The target path must be to a location on the same 
volume. 


What’s New or Changed in Novell Remote Manager 


Location 


Section 2.2, “What’s New (OES 11 SP2),” on page 15 


Change 


This section is new. 


August 2012 (OES 11 SP1) 


Updates were made to the following sections. The changes are explained below. 


¢ Section C.2.1, “Managing a Virtualized Linux Server with Novell Remote Manager,” on page 178 


¢ Section C.2.2, “Viewing File Systems,” on page 178 


¢ Section C.2.3, “What's New or Changed in Novell Remote Manager,” on page 178 
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C.2.1 


C.2.2 


C.2.3 


Managing a Virtualized Linux Server with Novell Remote 


Manager 


Location 


Chapter 4, “Managing a Virtualized Linux Server with 
Novell Remote Manager,” on page 23 


Viewing File Systems 


Location 
Section 13.3, “Generating Inventories for Directories 


or NCP Volumes,” on page 121 


Section 13.6, “Generating and Viewing NCP Trustee 
Reports for NSS Volumes,” on page 129 


Change 


KVM is supported in OES 11 SP1 and later. 


Change 


File ownership information can now be retrieved for 
files on NSS volumes without needing to enable users 
with Linux User Management. 


This section is new. 


What’s New or Changed in Novell Remote Manager 


Location 


Change 


Section 2.3, “What’s New (OES 11 SP1),” on page 17 This section is new. 
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